urlscan.io logo urlscan.io
SecurityTrails logo

em-br.diariodetocantins.com Open in urlscan Pro
2606:4700:3034::6815:55aa  Public Scan

Go To Rescan Add Verdict Report
URL: https://em-br.diariodetocantins.com/
Submission: On March 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 78 IPs in 8 countries across 64 domains to perform 391 HTTP transactions. The main IP is 2606:4700:3034::6815:55aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is em-br.diariodetocantins.com.
TLS certificate: Issued by GTS CA 1P5 on March 6th 2024. Valid for: 3 months.
This is the only time em-br.diariodetocantins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
19 2607:f8b0:400... 15169 (GOOGLE)
3 179.191.177.67 52580 (Azion Tec...)
3 2a03:2880:f00... 32934 (FACEBOOK)
1 104.102.130.13 16625 (AKAMAI-AS)
3 7 2606:4700:303... 13335 (CLOUDFLAR...)
36 179.191.175.69 52580 (Azion Tec...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 192.243.59.12 39572 (ADVANCEDH...)
1 5 142.234.204.80 396362 (LEASEWEB-...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 18.160.51.31 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
7 35.201.123.184 396982 (GOOGLE-CL...)
2 54.192.51.80 16509 (AMAZON-02)
1 18.160.10.101 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
7 11 142.250.31.156 15169 (GOOGLE)
1 1 216.200.232.253 30419 (MEDIAMATH...)
2 3 34.200.65.202 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
17 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 3.161.213.97 16509 (AMAZON-02)
1 18.67.62.209 16509 (AMAZON-02)
8 34.102.185.99 396982 (GOOGLE-CL...)
2 3.161.213.111 16509 (AMAZON-02)
2 179.191.175.66 52580 (Azion Tec...)
1 54.192.51.40 16509 (AMAZON-02)
1 13.225.195.82 16509 (AMAZON-02)
1 3.161.213.18 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
13 2607:f8b0:400... 15169 (GOOGLE)
6 2600:1408:900... 20940 (AKAMAI-ASN1)
85 2600:1408:900... 20940 (AKAMAI-ASN1)
4 2600:1408:900... 20940 (AKAMAI-ASN1)
1 23.105.12.113 30633 (LEASEWEB-...)
4 11 68.67.161.182 29990 (ASN-APPNEX)
1 2602:803:c002... 26667 (RUBICONPR...)
1 174.137.133.32 27257 (WEBAIR-IN...)
1 185.184.10.30 203690 (RTB-HOUSE...)
2 11 51.222.39.186 16276 (OVH)
14 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 104.18.189.136 13335 (CLOUDFLAR...)
2 54.192.51.48 16509 (AMAZON-02)
2 34.117.196.1 396982 (GOOGLE-CL...)
8 2600:1408:900... 20940 (AKAMAI-ASN1)
5 13 2a02:6b8::1:119 208398 (TELETECH)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
2 74.119.119.139 19750 (AS-CRITEO)
2 151.101.193.108 54113 (FASTLY)
2 23.220.118.26 16625 (AKAMAI-AS)
2 2 35.207.24.140 15169 (GOOGLE)
1 1 74.121.140.211 30419 (MEDIAMATH...)
1 213.19.162.90 3356 (LEVEL3)
1 1 63.251.28.233 26558 (FREEWHEEL)
14 21 69.173.151.100 26667 (RUBICONPR...)
1 1 80.77.87.162 46636 (NATCOWEB)
1 82.145.213.8 39832 (NO-OPERA)
1 23.83.76.84 395954 (LEASEWEB-...)
3 7 209.54.182.161 16509 (AMAZON-02)
1 104.36.113.110 62713 (AS-PUBMATIC)
2 2 198.148.27.131 19189 (PULSEPOINT)
2 2 2606:ae80:145... 25751 (VALUECLICK)
1 35.211.178.172 15169 (GOOGLE)
3 3 23.105.12.150 30633 (LEASEWEB-...)
2 23.39.33.14 16625 (AKAMAI-AS)
2 2 3.233.74.236 14618 (AMAZON-AES)
2 2 35.244.159.8 396982 (GOOGLE-CL...)
1 207.65.37.181 62713 (AS-PUBMATIC)
2 2 18.233.188.186 14618 (AMAZON-AES)
2 2 37.157.6.232 198622 (ADFORM)
1 2 2600:1f18:4e9... 14618 (AMAZON-AES)
5 5 3.33.220.150 16509 (AMAZON-02)
2 3 52.95.122.74 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
8 8 54.152.50.241 14618 (AMAZON-AES)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 3.208.192.93 14618 (AMAZON-AES)
2 2 54.166.87.8 14618 (AMAZON-AES)
1 147.28.129.140 54825 (PACKET)
1 54.236.181.83 14618 (AMAZON-AES)
1 1 8.2.110.33 46636 (NATCOWEB)
3 104.36.113.107 62713 (AS-PUBMATIC)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
4 8.28.7.83 62713 (AS-PUBMATIC)
1 40.76.134.238 8075 (MICROSOFT...)
1 2 35.71.139.29 16509 (AMAZON-02)
1 1 34.150.170.96 396982 (GOOGLE-CL...)
2 104.36.113.111 62713 (AS-PUBMATIC)
1 1 2600:9000:215... 16509 (AMAZON-02)
391 78
19    2606:4700:3034::6815:55aa (United States)

ASN13335 (CLOUDFLARENET, US)
em-br.diariodetocantins.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
19    2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    179.191.177.67 (Ashburn, United States)

ASN52580 (Azion Technologies Ltda., BR)
imgs2.uai.com.br
barra.uai.com.br
3    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.102.130.13 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-130-13.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
7    2606:4700:3034::ac43:c891 (United States)

ASN13335 (CLOUDFLARENET, US)
image.staticox.com
36    179.191.175.69 (Miami, United States)

ASN52580 (Azion Technologies Ltda., BR)
midias.em.com.br
imgs.em.com.br
3    2606:4700:3034::6815:acc (United States)

ASN13335 (CLOUDFLARENET, US)
www.flipar.com.br
2    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
demiseskill.com
5    142.234.204.80 (Edison, United States)

ASN396362 (LEASEWEB-USA-NYC, US)
vmuid.com
origunix.com
pupspu.com
1    2607:f8b0:4004:c0b::8d (Washington, United States)

ASN15169 (GOOGLE, US)
survey.g.doubleclick.net
5    2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
3    18.160.51.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-51-31.iad55.r.cloudfront.net
c.amazon-adsystem.com
5    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
0556858879aa602f1fab37ad8058c9c9.safeframe.googlesyndication.com
7    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
2    54.192.51.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-80.yul62.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    18.160.10.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-101.iad12.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
pagead2.googlesyndication.com
11    142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net
cm.g.doubleclick.net
1    216.200.232.253 (United States)

ASN30419 (MEDIAMATH-INC, US)
pixel.mathtag.com
3    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2607:f8b0:4004:c09::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    3.161.213.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-97.yul62.r.cloudfront.net
launchpad.privacymanager.io
1    18.67.62.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-62-209.iad89.r.cloudfront.net
aax.amazon-adsystem.com
8    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
tt-10258-0.seg.t.tailtarget.com
b.t.tailtarget.com
tt-11382-4.seg.t.tailtarget.com
t.tailtarget.com
2    3.161.213.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-111.yul62.r.cloudfront.net
geo.privacymanager.io
2    179.191.175.66 (Miami, United States)

ASN52580 (Azion Technologies Ltda., BR)
css.em.com.br
1    54.192.51.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-40.yul62.r.cloudfront.net
cnt.trvdp.com
1    13.225.195.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-82.yul62.r.cloudfront.net
go.trvdp.com
1    3.161.213.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-18.yul62.r.cloudfront.net
stg.truvidplayer.com
2    2607:f8b0:4004:c1b::66 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2606:4700::6812:170e (United States)

ASN13335 (CLOUDFLARENET, US)
tags.denakop.com
13    2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2600:1408:9000::17c9:1fd0 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
iframe.fresh8.co
85    2600:1408:9000::172d:b4c9 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
iframe-assets.fresh8.co
4    2600:1408:9000::17c9:1fe3 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
console-user-assets-cdn.fresh8.co
1    23.105.12.113 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
prg.smartadserver.com
11    68.67.161.182 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
cpm.denakop.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, CY)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
11    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
14    2606:4700:10::6816:1ed1 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
2    104.18.189.136 (None, )

ASN13335 (CLOUDFLARENET, US)
record.betsson.com
2    54.192.51.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-48.yul62.r.cloudfront.net
www.betsson.com
2    34.117.196.1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 1.196.117.34.bc.googleusercontent.com
clickstream.fresh8.co
8    2600:1408:9000::17c9:1fda (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.fresh8.co
13    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208398 (TELETECH, RS)
mc.yandex.ru
mc.yandex.com
2    2607:f8b0:4004:c1d::67 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.220.118.26 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-118-26.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    213.19.162.90 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
1    63.251.28.233 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
21    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    82.145.213.8 (United States)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    23.83.76.84 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync-global.smartadserver.com
7    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    104.36.113.110 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    2606:ae80:1451:22::730 (United States)

ASN25751 (VALUECLICK, US)
prebid-match.dotomi.com
1    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    23.105.12.150 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
rtb-csync.smartadserver.com
2    23.39.33.14 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-33-14.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    3.233.74.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-74-236.compute-1.amazonaws.com
ice.360yield.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    207.65.37.181 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    18.233.188.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-188-186.compute-1.amazonaws.com
ap.lijit.com
2    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    2600:1f18:4e9:5a05:d643:b640:6740:33e1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
5    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
8    54.152.50.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-50-241.compute-1.amazonaws.com
match.prod.bidr.io
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    3.208.192.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-192-93.compute-1.amazonaws.com
ce.lijit.com
2    54.166.87.8 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-87-8.compute-1.amazonaws.com
sync.ipredictive.com
1    147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    54.236.181.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-181-83.compute-1.amazonaws.com
match.sharethrough.com
1    8.2.110.33 (United States)

ASN46636 (NATCOWEB, US)
us.shb-sync.com
3    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
4    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    40.76.134.238 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
2    104.36.113.111 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    2600:9000:215f:e800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
Apex Domain
Subdomains		 Transfer
105 fresh8.co
iframe.fresh8.co — Cisco Umbrella Rank: 178394
iframe-assets.fresh8.co — Cisco Umbrella Rank: 183156
console-user-assets-cdn.fresh8.co — Cisco Umbrella Rank: 183708
clickstream.fresh8.co — Cisco Umbrella Rank: 194822
cdn.fresh8.co — Cisco Umbrella Rank: 188134
469 KB
38 em.com.br
midias.em.com.br
css.em.com.br
imgs.em.com.br
2 MB
37 googlesyndication.com
40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 204
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
0556858879aa602f1fab37ad8058c9c9.safeframe.googlesyndication.com
439 KB
32 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 275
survey.g.doubleclick.net — Cisco Umbrella Rank: 64568
stats.g.doubleclick.net — Cisco Umbrella Rank: 195
cm.g.doubleclick.net — Cisco Umbrella Rank: 353
434 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 745
eus.rubiconproject.com — Cisco Umbrella Rank: 905
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2862
pixel.rubiconproject.com — Cisco Umbrella Rank: 629
token.rubiconproject.com — Cisco Umbrella Rank: 739
29 KB
19 diariodetocantins.com
em-br.diariodetocantins.com
1 MB
15 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 106153
d.tailtarget.com — Cisco Umbrella Rank: 110966
tt-10258-0.seg.t.tailtarget.com
b.t.tailtarget.com — Cisco Umbrella Rank: 82286
tt-11382-4.seg.t.tailtarget.com — Cisco Umbrella Rank: 553046
t.tailtarget.com — Cisco Umbrella Rank: 39574
49 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 355
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 920
aax.amazon-adsystem.com — Cisco Umbrella Rank: 461
s.amazon-adsystem.com — Cisco Umbrella Rank: 409
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 936
86 KB
14 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5754
csync.smilewanted.com — Cisco Umbrella Rank: 4176
static.smilewanted.com — Cisco Umbrella Rank: 11970
19 KB
13 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 1040
ads.pubmatic.com — Cisco Umbrella Rank: 817
image6.pubmatic.com — Cisco Umbrella Rank: 1238
simage2.pubmatic.com — Cisco Umbrella Rank: 1492
image2.pubmatic.com — Cisco Umbrella Rank: 1530
image4.pubmatic.com — Cisco Umbrella Rank: 2116
simage4.pubmatic.com
27 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 371
acdn.adnxs.com — Cisco Umbrella Rank: 946
secure.adnxs.com — Cisco Umbrella Rank: 813
45 KB
11 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6478
6 KB
11 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1055
6 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 976
5 KB
7 staticox.com
image.staticox.com — Cisco Umbrella Rank: 649107
1 MB
6 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 40889
usr.navdmp.com — Cisco Umbrella Rank: 46897
cdn.navdmp.com — Cisco Umbrella Rank: 32739
sync2.navdmp.com — Cisco Umbrella Rank: 84113
sync.navdmp.com — Cisco Umbrella Rank: 37277
6 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 862
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 589
2 KB
5 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2166
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2407
sync.smartadserver.com — Cisco Umbrella Rank: 2184
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1000
2 KB
5 denakop.com
tags.denakop.com — Cisco Umbrella Rank: 195767
cpm.denakop.com — Cisco Umbrella Rank: 150218
147 KB
5 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2628
ups.analytics.yahoo.com — Cisco Umbrella Rank: 702
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 881
2 KB
5 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3808
launchpad.privacymanager.io — Cisco Umbrella Rank: 3213
geo.privacymanager.io — Cisco Umbrella Rank: 2683
30 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
343 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 622
mug.criteo.com — Cisco Umbrella Rank: 1939
2 KB
4 betsson.com
record.betsson.com — Cisco Umbrella Rank: 855010
www.betsson.com — Cisco Umbrella Rank: 574570
954 B
4 google.com
s.google.com Failed
analytics.google.com — Cisco Umbrella Rank: 258
www.google.com — Cisco Umbrella Rank: 5
2 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1057
ce.lijit.com — Cisco Umbrella Rank: 1471
1 KB
3 gstatic.com
www.gstatic.com
17 KB
3 flipar.com.br
www.flipar.com.br
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 251
91 KB
3 uai.com.br
imgs2.uai.com.br
barra.uai.com.br
7 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 721
974 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1532
1 KB
2 adform.net
cm.adform.net — Cisco Umbrella Rank: 1518
993 B
2 openx.net
u.openx.net — Cisco Umbrella Rank: 1139
663 B
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2677
670 B
2 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 3217
676 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 989
2 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1952
855 B
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2486
73 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
41 KB
2 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 37224
go.trvdp.com — Cisco Umbrella Rank: 32263
7 KB
2 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 3212
sync.mathtag.com — Cisco Umbrella Rank: 2081
1 KB
2 pupspu.com
pupspu.com — Cisco Umbrella Rank: 31177
57 KB
2 vmuid.com
vmuid.com — Cisco Umbrella Rank: 686445
11 KB
2 demiseskill.com
demiseskill.com — Cisco Umbrella Rank: 587614
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1033
446 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1431
662 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 9025
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 4258
4 KB
1 shb-sync.com
us.shb-sync.com — Cisco Umbrella Rank: 8161
573 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 816
281 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1085
452 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 734
516 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 619
235 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1652
418 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1686
577 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 966
519 B
1 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 13778
190 B
1 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 26171
360 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
900 B
1 origunix.com
origunix.com — Cisco Umbrella Rank: 792101
364 B
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 5083
17 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1217
30 KB
391 64
Domain Requested by
85 iframe-assets.fresh8.co iframe.fresh8.co
iframe-assets.fresh8.co
34 midias.em.com.br em-br.diariodetocantins.com
19 securepubads.g.doubleclick.net em-br.diariodetocantins.com
securepubads.g.doubleclick.net
40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
19 em-br.diariodetocantins.com em-br.diariodetocantins.com
www.googletagmanager.com
17 tpc.googlesyndication.com em-br.diariodetocantins.com
40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
15 pixel.rubiconproject.com 9 redirects onetag-sys.com
15 pagead2.googlesyndication.com em-br.diariodetocantins.com
securepubads.g.doubleclick.net
40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
12 csync.smilewanted.com tags.denakop.com
csync.smilewanted.com
ads.pubmatic.com
11 mc.yandex.com 4 redirects em-br.diariodetocantins.com
mc.yandex.ru
11 onetag-sys.com 2 redirects tags.denakop.com
onetag-sys.com
11 cm.g.doubleclick.net 7 redirects onetag-sys.com
10 ib.adnxs.com 3 redirects tags.denakop.com
acdn.adnxs.com
8 match.prod.bidr.io 8 redirects
8 cdn.fresh8.co iframe.fresh8.co
7 s.amazon-adsystem.com 3 redirects onetag-sys.com
ads.pubmatic.com
7 image.staticox.com 3 redirects em-br.diariodetocantins.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 iframe.fresh8.co 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
iframe.fresh8.co
5 pixel.tapad.com 3 redirects ads.pubmatic.com
5 match.adsrvr.org 5 redirects
5 d.tailtarget.com www.googletagmanager.com
em-br.diariodetocantins.com
d.tailtarget.com
5 www.googletagmanager.com em-br.diariodetocantins.com
www.googletagmanager.com
tags.denakop.com
4 image2.pubmatic.com ads.pubmatic.com
4 console-user-assets-cdn.fresh8.co iframe.fresh8.co
iframe-assets.fresh8.co
4 tags.denakop.com securepubads.g.doubleclick.net
em-br.diariodetocantins.com
4 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 simage2.pubmatic.com ads.pubmatic.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 b.t.tailtarget.com d.tailtarget.com
3 www.gstatic.com em-br.diariodetocantins.com
40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
3 c.amazon-adsystem.com em-br.diariodetocantins.com
c.amazon-adsystem.com
3 www.flipar.com.br em-br.diariodetocantins.com
3 connect.facebook.net em-br.diariodetocantins.com
connect.facebook.net
2 eb2.3lift.com 1 redirects ads.pubmatic.com
2 sync.ipredictive.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 cm.adform.net 2 redirects
2 ap.lijit.com 2 redirects
2 u.openx.net 2 redirects
2 ice.360yield.com 2 redirects
2 ads.pubmatic.com csync.smilewanted.com
ads.pubmatic.com
2 sync.smartadserver.com 2 redirects
2 prebid-match.dotomi.com 2 redirects
2 bh.contextweb.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 eus.rubiconproject.com tags.denakop.com
eus.rubiconproject.com
2 acdn.adnxs.com tags.denakop.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 www.google.com tpc.googlesyndication.com
2 mc.yandex.ru 1 redirects em-br.diariodetocantins.com
2 t.tailtarget.com em-br.diariodetocantins.com
2 clickstream.fresh8.co iframe-assets.fresh8.co
2 www.betsson.com iframe-assets.fresh8.co
2 record.betsson.com 2 redirects
2 www.google-analytics.com barra.uai.com.br
www.googletagmanager.com
2 imgs.em.com.br em-br.diariodetocantins.com
2 css.em.com.br em-br.diariodetocantins.com
2 geo.privacymanager.io launchpad.privacymanager.io
2 tt-10258-0.seg.t.tailtarget.com d.tailtarget.com
2 ups.analytics.yahoo.com 1 redirects em-br.diariodetocantins.com
2 analytics.google.com www.googletagmanager.com
2 launchpad-wrapper.privacymanager.io www.googletagmanager.com
em-br.diariodetocantins.com
2 tags.t.tailtarget.com www.googletagmanager.com
tags.denakop.com
2 tag.navdmp.com em-br.diariodetocantins.com
tag.navdmp.com
2 pupspu.com em-br.diariodetocantins.com
origunix.com
2 vmuid.com em-br.diariodetocantins.com
vmuid.com
2 demiseskill.com em-br.diariodetocantins.com
2 imgs2.uai.com.br em-br.diariodetocantins.com
1 simage4.pubmatic.com ads.pubmatic.com
1 s.ad.smaato.net 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi 1 redirects
1 us01.z.antigena.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 us.shb-sync.com 1 redirects
1 match.sharethrough.com
1 prebid.a-mo.net
1 ce.lijit.com
1 px.ads.linkedin.com
1 image6.pubmatic.com ads.pubmatic.com
1 secure.adnxs.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 x.bidswitch.net onetag-sys.com
1 image8.pubmatic.com onetag-sys.com
1 ssbsync-global.smartadserver.com onetag-sys.com
1 t.adx.opera.com onetag-sys.com
1 cs.admanmedia.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 pixel-eu.rubiconproject.com onetag-sys.com
1 sync.mathtag.com 1 redirects
1 0556858879aa602f1fab37ad8058c9c9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tt-11382-4.seg.t.tailtarget.com d.tailtarget.com
1 prebid.smilewanted.com tags.denakop.com
1 prebid-us.creativecdn.com tags.denakop.com
1 cpm.denakop.com tags.denakop.com
1 fastlane.rubiconproject.com tags.denakop.com
1 prg.smartadserver.com tags.denakop.com
1 stg.truvidplayer.com go.trvdp.com
1 go.trvdp.com cnt.trvdp.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 fonts.googleapis.com em-br.diariodetocantins.com
1 cms.analytics.yahoo.com 1 redirects
1 sync.navdmp.com em-br.diariodetocantins.com
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com em-br.diariodetocantins.com
1 cdn.navdmp.com tag.navdmp.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 usr.navdmp.com tag.navdmp.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 barra.uai.com.br em-br.diariodetocantins.com
1 survey.g.doubleclick.net em-br.diariodetocantins.com
1 origunix.com 1 redirects
1 appleid.cdn-apple.com em-br.diariodetocantins.com
1 code.jquery.com em-br.diariodetocantins.com
0 s.google.com Failed em-br.diariodetocantins.com
391 119
Subject Issuer Validity Valid
diariodetocantins.com
GTS CA 1P5		 2024-03-06 -
2024-06-04		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.uai.com.br
AlphaSSL CA - SHA256 - G4		 2023-10-10 -
2024-11-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-01 -
2024-03-31		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2024-01-09 -
2024-07-07		 6 months crt.sh
staticox.com
GTS CA 1P5		 2024-02-13 -
2024-05-13		 3 months crt.sh
*.em.com.br
AlphaSSL CA - SHA256 - G4		 2023-10-10 -
2024-11-10		 a year crt.sh
demiseskill.com
R3		 2024-03-05 -
2024-06-03		 3 months crt.sh
vmuid.com
R3		 2024-01-27 -
2024-04-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-04 -
2024-05-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-09		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-19 -
2024-12-29		 a year crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-07-26 -
2024-08-23		 a year crt.sh
*.truvidplayer.com
Amazon RSA 2048 M03		 2024-01-07 -
2025-02-03		 a year crt.sh
denakop.com
Cloudflare Inc ECC CA-3		 2024-01-17 -
2024-12-31		 a year crt.sh
iframe.fresh8.co
R3		 2024-02-07 -
2024-05-07		 3 months crt.sh
iframe-assets.fresh8.co
R3		 2024-02-02 -
2024-05-02		 3 months crt.sh
console-user-assets-cdn.fresh8.co
R3		 2024-02-13 -
2024-05-13		 3 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-04 -
2025-04-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
*.betsson.com
Amazon RSA 2048 M02		 2023-12-15 -
2025-01-12		 a year crt.sh
*.fresh8.co
Entrust Certification Authority - L1K		 2023-04-04 -
2024-04-04		 a year crt.sh
cdn.fresh8.co
R3		 2024-02-07 -
2024-05-07		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
pupspu.com
R3		 2024-01-27 -
2024-04-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-07		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-06-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-14 -
2024-06-06		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2024-03-12 -
2025-03-12		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-02-12 -
2024-08-07		 6 months crt.sh

This page contains 39 frames:

Primary Page: https://em-br.diariodetocantins.com/
Frame ID: 902C908C9085FBC49CFE5BD86BEABCDA
Requests: 131 HTTP requests in this frame

Frame: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DDF60193367A096F793311539A662DEE
Requests: 1 HTTP requests in this frame

Frame: https://barra.uai.com.br/centralizador.html?origem=https://em-br.diariodetocantins.com/
Frame ID: 7BB60ED8363FD6282F9FC95BF391EF9E
Requests: 2 HTTP requests in this frame

Frame: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6C6854D9705CF1AF19298354701C8DA6
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: FFBB1FCEC7013AF0E66E202D693B6E91
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9Ys6ylR7BmMFW6AtKirVz8ib_43m63qHIw-DpApmo9o.js
Frame ID: 561D6280622F1AF7273EDC0E4E1DE6B6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240321/r20110914/abg_lite_fy2021.js
Frame ID: 600AC0AD928DF0E95F94654B898B9341
Requests: 4 HTTP requests in this frame

Frame: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60FF9E2016B9DFE1FEFA44452E36314A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJuZZmhcZuRIVuHmWfQ4GcQZaNCwl-HCaSIQb41vT3HqLtyeeyMzlhBaCDq4A_WSeseI4mOYvKj666ijmuvGNrIL9KUXqc9eolj67jPVGj2b0CqDW9cNhWUCVlhs288Kh1e9kpajhyzTBQ240H3W-b0gto9v6BPb4bwuCASYVp4wmPICHQmyPPmduiYoEisvh2nQmvdTuGKwdOcpuk196iJsX88MNq97A0bWOQ6LH-XqxBKHTcPBWP-ne92iW1HmeNVijQXK8ie3hLq0fn3fc4QDM5h_roZw2Sr9Gjd4IARwiS66mMPAgltCyWwJjRjIeDnhNpzNKGyI5wmBxpTts9k2yux11u09yWMqjAPwNBl7je3VodoZH7D0-JTk5JpA&sai=AMfl-YShC2QjrTM8XOeNdwTO9ExErmK0wuMc90AFiocZZyEQ-BH9H0jDW9vMrZ-7UO1yL3oWnzSu5v9Z4cbCiGkWBRiO6L8TAda-msxq_5XWjzfZq1f63URTMESQ0mta3w&sig=Cg0ArKJSzL73pO7qedZuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: A4DC11E7FD7B035A43C7363623948FB6
Requests: 36 HTTP requests in this frame

Frame: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D892226EF43E3933A0DEB651908B0B5D
Requests: 9 HTTP requests in this frame

Frame: https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuwfUV-ee15NE2Qc316CDg3cD55fBRZRGVQ5NrVWLIhon6Yt3-g8KhbEkP-pq-0qE4g4ZkDZWUfZQvgkaZLieEiF0su30sFtuqut_Zswv-ahpW1qSXAu_gG-dxTCtN3O7F3Hb2HFkbYKmdzUkIGYT0rLAtppDIl_H1H2OuO0zKWJAah2dO16YxfboFzft_4bHw9yRNr4Iiw0zhOc5pgJQ-IHeBpzWbGLyf1HDvxX10PQPJ94f89EKsQDyH3heeFJM4UoY675eCpZs8BH11jDekUY7HuX5hTRmcxfnVdyJI3vRYpfF65G5F8u09Y8O2U1F5bGZo6gYMkirDjWWNOjMUjHgQ0jfbba-szZaUucMIe_qAmlGDjLWzY9UIIfAFgKOJs20l5zw%2526sai%253DAMfl-YTVmpDt39v1AFHqY3emoyAobzvXJsImWrhAEg8gn01U9s4cVj7yGCCXUD6PdtJJf5wqShTghJq6MmxWmgaRi3pkfTg0uWY7ULMIZn4BJu0o29sUDv9QUQyKvHMHiw%2526sig%253DCg0ArKJSzLsejBIxemFaEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=2105070999&
Frame ID: 78C381B322D50B2C6A91B866B8BF77F6
Requests: 52 HTTP requests in this frame

Frame: https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
Frame ID: 2E617392BD09B0D2C4F28EA0271E5264
Requests: 51 HTTP requests in this frame

Frame: https://www.betsson.com/br/apostas-esportivas?from=h_YD3EAcVQ4ScGzzG6TeX2Nd7ZgqdRLk-AD0971356814&affcode=AD0971356814&utm_medium=Affiliate&utm_source=10690583
Frame ID: 100F33FC6D6EE736341975F3B176D6F6
Requests: 1 HTTP requests in this frame

Frame: https://www.betsson.com/br/apostas-esportivas?from=h_YD3EAcVQ6jwNHOmFhywmNd7ZgqdRLk-AD0971356814&affcode=AD0971356814&utm_medium=Affiliate&utm_source=10690583
Frame ID: 22F103015D1D2F3D5529CE235ECFF61B
Requests: 1 HTTP requests in this frame

Frame: https://0556858879aa602f1fab37ad8058c9c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C4E01AF6CE17DA186F41FC54E53B66E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F7B54AAB757A042A67B6C0FA104CB3DA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90BF423246A81115226C406E14C05476
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 53D04E18271E362AE4F8779F75307A34
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06A194802C70A0F745E2E1E30097A2AE
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3D4ECDA6014505CACB6629F8F4417D10
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 5A08A483057A04C96089843BEDADF3FA
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E908F6C3C89C18F0ABAA4ECFCA75D579
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 505953F58E3534A9ECDB550D2ED647E8
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1711295255546
Frame ID: 5B3FFEE416D107BBFB280AC82A7B2914
Requests: 17 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: EDF58C7D0E9EE81A45157F8EDCBC1261
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/9130551284904746
Frame ID: CFCE1DD67872B0EF042B91313C1F490A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/4149761049826027824
Frame ID: A0933BAC5F17550CAE76DE167484A2DC
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LU5P0E09-20-9KBR?gdpr=0
Frame ID: 68EC06ECA825750F1E55253955AC0E48
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: ACF0B0D804E5D7167A950DCFB177B05F
Requests: 14 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/eda0faf5-8a50-44a0-9343-406524457b32&partner_id=1010
Frame ID: A45D724F9233B52D331551BD8ED76100
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/4ed5b5f8-898b-4e4a-a251-4540e4b19067
Frame ID: 87FEA1E66CBD2406A63204ABCD194724
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sovrn/IYAzALZHr3c3VmtaQJKuzN5p
Frame ID: CB344737C5916C094D3FC84D071C5DB5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/4786378512614543458
Frame ID: EBE168D650712BDA45930025FBCAC235
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adwmg/8831cf33-af7e-4001-89ff-3573a60f5628
Frame ID: 7979650236F3EBDDE013263F796110BC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=15B728CE-C9ED-446D-A3E3-69DAF01C123B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 676ADC4B4257510B0089627F987D1D54
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4149761049826027824&gdpr=0&gdpr_consent=
Frame ID: 60BEAE1F28285B01D24E16396FB818D6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMLk7MAJYAABSwYD5LgQ&gdpr=0
Frame ID: 3FD0D1DC9F9835B304AC6C04C409638F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/15B728CE-C9ED-446D-A3E3-69DAF01C123B
Frame ID: 924F78D0492F70533BCE4F1EE7C4D1E2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smaato/153adc3935
Frame ID: DB7B19FCB6E4BE0F8FE7AACBEEA84763
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

391
Requests

87 %
HTTPS

33 %
IPv6

64
Domains

119
Subdomains

78
IPs

8
Countries

6935 kB
Transfer

13752 kB
Size

167
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://image.staticox.com/?url=https%3A%2F%2Fwww.flipar.com.br%2Fwp-content%2Fs%2F2024%2F01%2Fpots-716579_1280.jpg HTTP 302
  • https://www.flipar.com.br/wp-content/s/2024/01/pots-716579_1280.jpg
Request Chain 13
  • https://image.staticox.com/?url=https%3A%2F%2Fwww.flipar.com.br%2Fwp-content%2Fs%2F2024%2F01%2FScreenshot_20240126_180100_WhatsApp.jpg HTTP 302
  • https://www.flipar.com.br/wp-content/s/2024/01/Screenshot_20240126_180100_WhatsApp.jpg
Request Chain 14
  • https://image.staticox.com/?url=https%3A%2F%2Fwww.flipar.com.br%2Fwp-content%2Fs%2F2023%2F07%2Fport-gbff78e97e_1280-e1689258003474.jpg HTTP 302
  • https://www.flipar.com.br/wp-content/s/2023/07/port-gbff78e97e_1280-e1689258003474.jpg
Request Chain 55
  • https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8 HTTP 302
  • https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Request Chain 80
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=87417315693 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=87417315693&google_gid=CAESENblKOdySgRR_FZqGe99xas&google_cver=1
Request Chain 81
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=c34d6600-4b14-4500-9d4f-fcfa994985b2
Request Chain 82
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Request Chain 211
  • https://record.betsson.com/_fcyyClJ_zrxrQFtIwXgbW2Nd7ZgqdRLk/65/ HTTP 301
  • https://www.betsson.com/br/apostas-esportivas?from=h_YD3EAcVQ4ScGzzG6TeX2Nd7ZgqdRLk-AD0971356814&affcode=AD0971356814&utm_medium=Affiliate&utm_source=10690583
Request Chain 218
  • https://record.betsson.com/_fcyyClJ_zrxrQFtIwXgbW2Nd7ZgqdRLk/65/ HTTP 301
  • https://www.betsson.com/br/apostas-esportivas?from=h_YD3EAcVQ6jwNHOmFhywmNd7ZgqdRLk-AD0971356814&affcode=AD0971356814&utm_medium=Affiliate&utm_source=10690583
Request Chain 298
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10318.K1GJrE3HbCA2HsConUvWDFfh0GJAh58Hiu6ri0wKRZ0QX_2Q2sZOcZAXcnPW5XOr.r5Acq8wGFFGkBMIc_CMlCRVVYeo%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10318.D4wxsXewdc8GdKuJ0wRFxNl_PS7O6J8pk46d81RSh0N31V2TW9M6QfeZVSnPUTO-T8frtKQRAsTfoGRUZVcUbnOpY7hbOl9-eT5jSM2Z2Rl1IfmHvSxLL2U6tWRzgC19dsfvDmQe62ixV9aj69qOD_GcjdeMUww6OxstSa04MlmelQ-S45xIbArOPnSVoR9vRHdppw7znAmH3STORAzuaJDoo6YRPx5hvz8xGyVV6Ko%2C.PEGKr11W5lJkkseZrdUlEZwJkOY%2C
Request Chain 303
  • https://mc.yandex.com/watch/92306955?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A2%3Adp%3A0%3Als%3A1492023204081%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A391442657%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
  • https://mc.yandex.com/watch/92306955/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A2%3Adp%3A0%3Als%3A1492023204081%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A391442657%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Request Chain 304
  • https://mc.yandex.com/watch/92138145?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A3%3Adp%3A0%3Als%3A503291346252%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A694303407%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
  • https://mc.yandex.com/watch/92138145/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A3%3Adp%3A0%3Als%3A503291346252%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A694303407%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Request Chain 305
  • https://mc.yandex.com/watch/92138039?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A1%3Adp%3A0%3Als%3A492509057756%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A466883460%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
  • https://mc.yandex.com/watch/92138039/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A1%3Adp%3A0%3Als%3A492509057756%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A466883460%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Request Chain 316
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fem-br.diariodetocantins.com%2F&domain=em-br.diariodetocantins.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=k7CJ-3xnMm1tRTJMcUZqS0hSUXErZ2FMampoT2pEcmNUMGFHQXZPbWxDOUdHL1h1TExkN1lSSXlEUjR2bEE5MWtZWEZRMlEwbW52Z0EvVEpnRjRnVVhNM1d3TjY0ZTBFQW51WXlKK1hiVFFNV2QxZ0RNWUttNWFRNWNvdEp3VzQybGZjek5HaTViYmFEb1RZRFEyWkZQT2ZmTkp5R1NqRWF1R3ZrMW4vbkRVUEptcmhBYUViaU1sUUxZUlloRjMzVndBbGNVQW5aOHUrOTBySDFvQW55RUZMdDNsRHFxMDdKbitUNGVOVWZ4RmpMVmM1ck5qMzlrN0VQZVBZMnNsM1NpTWgrWTZEbU10S1llbUIrSlhKQmlEZW9Pdz09fA&cppv=2
Request Chain 323
  • https://rtb.mfadsrvr.com/sync?ssp=onetag&ssp_user_id=v87qDxADyDdenCsyzRdPY9CPSZp-Ktz_cDmGeSYvF_s&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=onetag&ssp_user_id=v87qDxADyDdenCsyzRdPY9CPSZp-Ktz_cDmGeSYvF_s&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=160&uid=bb5a3a8c-b7bf-4f68-9f29-d422c2b032b5
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=c34d6600-4b14-4500-9d4f-fcfa994985b2&gdpr=1&gdpr_consent=
Request Chain 326
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4149761049826027824
Request Chain 327
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=993e38d3ea708bfa6f1f832d2192ab8b&gdpr_consent=&gdpr=1
Request Chain 329
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%5BUID%5D&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=1&gdpr_consent=&uid=d9fe784a-a6c3-4f59-8c51-c922fc98c0f6
Request Chain 331
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjnElYtxc6MSnc16Ue1ZTjKWWChrukdREYw&gdpr=1&gdpr_consent=
Request Chain 333
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=v87qDxADyDdenCsyzRdPY9CPSZp-Ktz_cDmGeSYvF_s
Request Chain 336
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=1&gdpr_consent=&uid=F0VD3wKpNJfI&ev=1&us_privacy=&pid=562985
Request Chain 337
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=5ee115e76df611b0&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGLbHcLYi4IwN8dFFAAAAAAAA&expiration=1711381659
Request Chain 345
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/9130551284904746
Request Chain 346
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/4149761049826027824
Request Chain 348
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LU5P0E09-20-9KBR?gdpr=0
Request Chain 350
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/eda0faf5-8a50-44a0-9343-406524457b32&partner_id=1010
Request Chain 351
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/4ed5b5f8-898b-4e4a-a251-4540e4b19067
Request Chain 353
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID&sovrn_retry=true HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/IYAzALZHr3c3VmtaQJKuzN5p
Request Chain 354
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 302
  • https://cm.adform.net/cookie?CC=1&redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4786378512614543458
Request Chain 355
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGQ0NzU1ZWNjMWVhMjQyOTg4YmRjNzQwOWYzMmIyNDNlYWZlMmVjZQ
Request Chain 356
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LU5P0E09-20-9KBR&ex=d-rubiconproject.com&status=ok
Request Chain 357
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ppTyLluuIN3ol8VLGxDBKcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-avjQ.nVE2oJZjGXivhyRknrRP2tD2K_yC_WdVw--~A
Request Chain 358
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c9ad7683-3a73-484f-8bef-0e077d42ee57&gdpr=0&gdpr_consent=&expires=30
Request Chain 359
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFU1UDBFMDktMjAtOUtCUg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBON28VJVGGQ0T5fLFY7hmg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFU1UDBFMDktMjAtOUtCUg==&google_push=
Request Chain 360
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3tXDJw5JS5e5l4utpeLMqw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3tXDJw5JS5e5l4utpeLMqw
Request Chain 361
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=q98lGczWTAGfviqFZ74TnA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=q98lGczWTAGfviqFZ74TnA
Request Chain 362
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LU5P0E09-20-9KBR
Request Chain 363
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGXcHNJAlY6XcZ3dqSYVQJA&google_cver=1
Request Chain 364
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFMLk7MAJYAABSwYD5LgQ&expires=30
Request Chain 365
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LU5P0E09-20-9KBR HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LU5P0E09-20-9KBR
Request Chain 366
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LU5P0E09-20-9KBR
Request Chain 367
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4769d0af-d0e3-41e7-bd3c-3c0f821a2c29&expires=30
Request Chain 368
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LU5P0E09-20-9KBR
Request Chain 369
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LU5P0E09-20-9KBR
Request Chain 370
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LU5P0E09-20-9KBR
Request Chain 371
  • https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/adwmg/8831cf33-af7e-4001-89ff-3573a60f5628
Request Chain 372
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=15B728CE-C9ED-446D-A3E3-69DAF01C123B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=15B728CE-C9ED-446D-A3E3-69DAF01C123B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 373
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4149761049826027824&gdpr=0&gdpr_consent=
Request Chain 374
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHeHkwN01BSllBQUJTZE4wUWdZZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFMLk7MAJYAABSwYD5LgQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=9130551284904746&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAFMLk7MAJYAABSwYD5LgQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9130551284904746%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9130551284904746&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFMLk7MAJYAABSwYD5LgQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9130551284904746%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9130551284904746&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAFMLk7MAJYAABSwYD5LgQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMLk7MAJYAABSwYD5LgQ&gdpr=0
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FbcozsntRG2j42na8BwSOw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 377
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=15B728CE-C9ED-446D-A3E3-69DAF01C123B HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=15B728CE-C9ED-446D-A3E3-69DAF01C123B HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2c4f1460-f954-451d-afb5-8afd57370489%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c9ad7683-3a73-484f-8bef-0e077d42ee57&ttd_puid=2c4f1460-f954-451d-afb5-8afd57370489%2C%2C
Request Chain 379
  • https://eb2.3lift.com/xuid?mid=7976&xuid=15B728CE-C9ED-446D-A3E3-69DAF01C123B&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=15B728CE-C9ED-446D-A3E3-69DAF01C123B&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 380
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTVCNzI4Q0UtQzlFRC00NDZELUEzRTMtNjlEQUYwMUMxMjNC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 381
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELshDM4lV9yXHvTFFMxXt7I&google_cver=1
Request Chain 382
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:652CDEFEC8A248CE8DF78CB0F4F5DAFA
Request Chain 383
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c9ad7683-3a73-484f-8bef-0e077d42ee57&gdpr=0&gdpr_consent=
Request Chain 385
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=15B728CE-C9ED-446D-A3E3-69DAF01C123B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QXBPGYhE2uXwVMkIb9HVawhBRw35oNw-~A&gdpr=0
Request Chain 386
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b3d30c3e-1b62-4b00-a5ad-f34dec10bcf1&gdpr=0&gdpr_consent=
Request Chain 387
  • https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smaato/153adc3935

391 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
em-br.diariodetocantins.com/ 		338 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccbc71e935a116b31b99217b0f9b550a84978374e077e6c0624790499097efb8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8697cccd885b4bc3-BUF
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sun, 24 Mar 2024 15:47:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ak5cJc7FM0HdYrIq5V5bF0tXZQXWL%2F7gEPn9o4sxugSA07OiFM974IlMXQnMUX4AFkK%2F8ShSCfQotiD9%2BVB41XJIFzyaBT5MM0lneiqE6bIHblDn%2FUvpcHMCc9%2F4NhjtTGjJQGPknP0WpzWUJDGCg%2FCxh8jIvOvFOqw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3752870
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-nyc-kteb1890060-NYC
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1711295251.230999,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
34, 5779
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c16a3225c4e84423e3301ada2387d06b0cf02b5e4c1db4866d1290f851eef14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28998
x-xss-protection
0
server
cafe
etag
528 / 19806 / 31082082 / config-hash: 14337009746000550812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 15:47:31 GMT
prebid.js
em-br.diariodetocantins.com/frontend/assets/scripts/ 		329 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://em-br.diariodetocantins.com/frontend/assets/scripts/prebid.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48910988cade04c93ad450a8d7b830cffe8c198449d5496508d499e9040a0274

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:34 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2XBLhER3%2BkVsUjzP5kiwGWJsj56ihE4EcPtD49ekQPITnEuhuDLumYCQGbHfrFd1kZcSEC1mALPa1sork%2BvXMm31dXY67lltuXC14vkXWzlDPvLWqqqsfAFD9p1Mp4rshky%2Fn4EpIZyHHbKtRTaFjM1gEJ%2FqQ%2FlG06g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8b9e84bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
capa.css
em-br.diariodetocantins.com/static/css/ 		411 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://em-br.diariodetocantins.com/static/css/capa.css
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b85acdd5179c9c5ac05966d659e2a63df50701783ac002e9bc4b87d00e14f6ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:32 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2P%2BJAovDS9VElKb9ZiCa6Jdf7TAOp1WV5EEqEiMgD9c4LX63EhnNdO2PT%2BgjM3XBdOIxV%2BuQVedcS4U6YxMWqfybPckYoQeCB%2FFeoGD0mTN8Ba6cabbHGioUnTLcvDmrthmRlMero0te%2FeOT3oe3jM3D5i1%2F0K9algU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd7bc864bc3-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
logo-uai-mobile.svg
imgs2.uai.com.br/UAI_2018/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs2.uai.com.br/UAI_2018/logo-uai-mobile.svg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.177.67 Ashburn, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
c3ecf31e703f59a268f18b82ef3d290ae24f91bda18a770a42798ad1ea0fa0a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 04 Dec 2020 13:30:00 GMT
server
nginx
etag
W/"a2b7c26-1ce0-5b5a3792dc87a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
expires
Sun, 31 Mar 2024 15:47:31 GMT
client
s.google.com/gsi/ 		0
0
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8faeaf8ed3dcd4436225abc6eb6fceda7c167d6617ac0013efa82a58dbaa118
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://em-br.diariodetocantins.com/
Origin
https://em-br.diariodetocantins.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Mar 2024 15:47:31 GMT
content-md5
zBxyvBdiJXjIBs4sh0Ag0A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=12, mss=1294, tbw=2802, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
LpbQL8cna52wNwxmLk0Ln6yO9xJfZugwkKNkxMsJYQRXQNEaFHgGJ1x04a84kGfvFiml+uPmiJujznXUNO95HQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e933d52aac886cffa4f61d62c64ad6c6
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"38d01b2e547896b8fe55bd8ce379d1f8"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sun, 24 Mar 2024 16:04:28 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.130.13 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-130-13.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Sun, 24 Mar 2024 15:47:31 GMT
Last-Modified
Fri, 22 Mar 2024 18:46:10 GMT
Server
Apple
ETag
W/"43171-1711133170077"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
/
image.staticox.com/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.staticox.com/?url=https%3A%2F%2Fimgs.em.com.br%2Fem%2Fdevices-website.png
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c891 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2341cfb617152febffbedb3644f533ef57b120b960abcc48fa1b7f21741d187e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FCKIARH6IWU0g0LH9idLz7o6UBdNsz32%2F3qk1jXdcgi%2FQzhKRuBhAZQkDgldWtpp%2F5sOWGvlxVtxkd%2B%2BIzmyDGN8cCTQwUEn52yWFxvsoh0Hw97M2piR4Wc4x7f4YtAuUmCSLuJZUcsm3ZxFebXBIyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd94c254bd3-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
1_marielle_franco_ok-35725612.jpg
midias.em.com.br/_midias/jpg/2024/03/24/545x380/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/24/545x380/1_marielle_franco_ok-35725612.jpg?20240324080534?20240324080534
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afa99456af3878dac4faef2e726a15d599e566e51028d722f1645bda0368465a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/24/545x380/1_marielle_franco_ok-35725612.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Z0H7F0B1ADK8TJCF
age
58
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/24/545x380/1_marielle_franco_ok-35725612.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
47410
x-amz-id-2
3PIMq4dTNgMNqgNnjRazpTooZKoN4/2FaU968GR0YZWa612OVTamqWBE8fStqBucH0wb08AVp4g=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 10:54:00 GMT
server
AmazonS3
etag
"8500a4a1423ad612b9764e7a4fe64b57"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
179438429 156018140
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_inflacao_alimentos_fevereiro-35724725.jpg
midias.em.com.br/_midias/jpg/2024/03/23/545x220/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/545x220/1_inflacao_alimentos_fevereiro-35724725.jpg?20240323202256?20240323202256
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f13c66ea114b1f92a402401180138291bd146bbee51ec5e84b9515ca9f833ae9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/545x220/1_inflacao_alimentos_fevereiro-35724725.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Z0HANRFHBNEXXJW2
age
58
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/545x220/1_inflacao_alimentos_fevereiro-35724725.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
40773
x-amz-id-2
p2iEqhTHeCmZJZLgxibhwqVs55JRv4P6sDGcWjlLibZqxVEAB3x8g6+kmmK7rTW8Q6tsH1UMZk4=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 23:23:33 GMT
server
AmazonS3
etag
"e5641da6d144de70e4d9b80dfe2c1ed2"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
181797106 182845854
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_wge13901-35725164.jpg
midias.em.com.br/_midias/jpg/2024/03/23/545x220/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/545x220/1_wge13901-35725164.jpg?20240323214329?20240323214329
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
774716d58136f14f775c5a9c00f7e00a5e20ee441638ef36596b9caefa1754d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/545x220/1_wge13901-35725164.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
XJKXCDZBSVCTHHA4
age
14
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/545x220/1_wge13901-35725164.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
44776
x-amz-id-2
456QRoEsMAKdphL5XeBBa9vmxyPcarP4l+3lQvTHzWU8tx/tTf18+P/oTaHq5KozLQs31aiVZN4=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 00:43:35 GMT
server
AmazonS3
etag
"17eba2b018e5b46cc1da7b816813cd6b"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
177341737 183665511
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
pots-716579_1280.jpg
www.flipar.com.br/wp-content/s/2024/01/
Redirect Chain
  • https://image.staticox.com/?url=https%3A%2F%2Fwww.flipar.com.br%2Fwp-content%2Fs%2F2024%2F01%2Fpots-716579_1280.jpg
  • https://www.flipar.com.br/wp-content/s/2024/01/pots-716579_1280.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flipar.com.br/wp-content/s/2024/01/pots-716579_1280.jpg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Server
2606:4700:3034::6815:acc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qvSaqc0zNXEk4t8RDavYMHiN6b9U8sEG7eNUUz%2Bx7g%2FRS%2F5YO6K8pucW6ZulunWIY%2FgdcM%2FCVrKtnw2f7kk2GEsh07yT5hdFeefDKcI9TQDCpdohwBEESi%2BN0OirGfTWLeJUPX%2BIG8%2BucZhShhO19U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
location
https://www.flipar.com.br/wp-content/s/2024/01/pots-716579_1280.jpg
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd95c2b4bd3-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
Screenshot_20240126_180100_WhatsApp.jpg
www.flipar.com.br/wp-content/s/2024/01/
Redirect Chain
  • https://image.staticox.com/?url=https%3A%2F%2Fwww.flipar.com.br%2Fwp-content%2Fs%2F2024%2F01%2FScreenshot_20240126_180100_WhatsApp.jpg
  • https://www.flipar.com.br/wp-content/s/2024/01/Screenshot_20240126_180100_WhatsApp.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flipar.com.br/wp-content/s/2024/01/Screenshot_20240126_180100_WhatsApp.jpg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Server
2606:4700:3034::6815:acc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bzc5u2MWhgMuhVEQPdGHMWf10Inc0AMfi2WTRmC7D%2Fqc62dtrp0R2K2TkQceHLHQyBgQ2Vwxy3YGjNXMNzMa6HrrCoDA8pe2G7kM72LfRVIHR6wC%2F8GFijOgQBJRj5iI7k6t%2FX%2BJyS63X9J57ukeyOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
location
https://www.flipar.com.br/wp-content/s/2024/01/Screenshot_20240126_180100_WhatsApp.jpg
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd95c2d4bd3-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
port-gbff78e97e_1280-e1689258003474.jpg
www.flipar.com.br/wp-content/s/2023/07/
Redirect Chain
  • https://image.staticox.com/?url=https%3A%2F%2Fwww.flipar.com.br%2Fwp-content%2Fs%2F2023%2F07%2Fport-gbff78e97e_1280-e1689258003474.jpg
  • https://www.flipar.com.br/wp-content/s/2023/07/port-gbff78e97e_1280-e1689258003474.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flipar.com.br/wp-content/s/2023/07/port-gbff78e97e_1280-e1689258003474.jpg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Server
2606:4700:3034::6815:acc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UrEI0xhMwzTq2VSQynys8yuf7CZ0pLVokaCyj41%2Frhg6yR9lqlkI7ey2Yx0lQVO%2FBz9%2Bvy4wqXyBXI1p9CdmDbj0Ui3p0cb2e%2B7zmBG%2FxNf8VTbg9CJX2svJNPg8g49gPlMCyvAFbED9lfboDHW5HrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
location
https://www.flipar.com.br/wp-content/s/2023/07/port-gbff78e97e_1280-e1689258003474.jpg
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd95c2e4bd3-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
1_earth_11009_640-35728383.jpg
midias.em.com.br/_midias/jpg/2024/03/24/215x215/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/24/215x215/1_earth_11009_640-35728383.jpg?20240324121522?20240324121522
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2296cbbb75a76af577a51f0ef96b846baae1dd6fdd8ef58fea5e64c373f94a68
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/24/215x215/1_earth_11009_640-35728383.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
SZQ6NSNV35MTV6GN
age
21
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/24/215x215/1_earth_11009_640-35728383.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
83864
x-amz-id-2
O4yiNTF8mcq8ydSO4aTvEiVINPrrPGrqo07XcV+eg3/sKN3F0y7kyq2cjw5NMDTpjISJ1eV3psw=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 15:16:10 GMT
server
AmazonS3
etag
"6a174e301ad3a5f5cfcedb178061e7ea"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
201851543 197821971
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_montagem_flipar_games_easy_resize_com_-35727847.jpg
midias.em.com.br/_midias/jpg/2024/03/24/215x215/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/24/215x215/1_montagem_flipar_games_easy_resize_com_-35727847.jpg?20240324113546?20240324113546
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2012a5587b61404cc0997cb1c495da6e8fa58e5411ab5d12893908b8a1bb0ee0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/24/215x215/1_montagem_flipar_games_easy_resize_com_-35727847.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
2Z5TBWRYD9EKGVNR
age
3
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/24/215x215/1_montagem_flipar_games_easy_resize_com_-35727847.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
20616
x-amz-id-2
J44MUSGllOXO8viR+IeL51rs6evCussm7uYHi58WdEw0M8mj45hFnJvW7Lj6HxC0/eU9QKjhf2c=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 14:36:15 GMT
server
AmazonS3
etag
"007ed76cee17fb06e7a93ea649d2af0a"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
200704812 182821345
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_evtol_carro_eletrico_projetado_pela_embraer-35727335.jpg
midias.em.com.br/_midias/jpg/2024/03/24/215x215/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/24/215x215/1_evtol_carro_eletrico_projetado_pela_embraer-35727335.jpg?20240324113206?20240324113206
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f947b33f53dd68e8f3ba015337b10872be23061178f0d95f609bc91abd1f564
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/24/215x215/1_evtol_carro_eletrico_projetado_pela_embraer-35727335.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
2Z5S0JYNC2EZV6CF
age
3
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/24/215x215/1_evtol_carro_eletrico_projetado_pela_embraer-35727335.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
17227
x-amz-id-2
GvKiw1ml5j2YXWYc3MGxGvnIbj2FB86KOEdxc0E6vZHfza1N0OegCD/ol/hc8E4kACV5RA9EOgA=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 14:32:45 GMT
server
AmazonS3
etag
"2c55674602cd315191227cb25888f7f0"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
190751397 200771135
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_01_corantes-35726993.jpg
midias.em.com.br/_midias/jpg/2024/03/24/215x215/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/24/215x215/1_01_corantes-35726993.jpg?20240324110141?20240324110141
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b89c5c01abe999cc6fce25e3101f86a0a637b5fd8edb7f350b66e3446d1f642d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/24/215x215/1_01_corantes-35726993.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
W03BAXVKT6TN50CA
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/24/215x215/1_01_corantes-35726993.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
35036
x-amz-id-2
gaJoyoewdCu9kG1b6JrnCqDkZJPnSwmUf+VRgkN6Hk7AxRUnyo3HKOyHLw8CH5Jl6Q1iMfZcF/Y=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 14:02:28 GMT
server
AmazonS3
etag
"a666b20d4f18670782b73fe2c53c654e"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
194025000
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_maldives_1993704_1280-35726125.jpg
midias.em.com.br/_midias/jpg/2024/03/24/215x215/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/24/215x215/1_maldives_1993704_1280-35726125.jpg?20240324090921?20240324090921
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4f0e81d0fe72a98ab1e21520b04bcf2c9b6550eb25be2edf52bfb281d9a1d6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/24/215x215/1_maldives_1993704_1280-35726125.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
HWMMZRDQTFZBTWJE
age
66
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/24/215x215/1_maldives_1993704_1280-35726125.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
51294
x-amz-id-2
4hpcQaRGmYv6cyVNyHfMlxYkMxwaxyWja5WGAbI8mstatrPkjGbeZlZGGtijDAKgjkm+/vg9uQY=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 12:10:14 GMT
server
AmazonS3
etag
"7c4ee02b496afcd7486268e30eaaedb6"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
187010137 179869827
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_lollapalooza2018-35725652.jpg
midias.em.com.br/_midias/jpg/2024/03/24/215x215/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/24/215x215/1_lollapalooza2018-35725652.jpg?20240324084635?20240324084635
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18edc431b770bfb55900ff2f3b9d27ef553ef57d793545725a82d87ce8118021
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/24/215x215/1_lollapalooza2018-35725652.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
XJKPDY7Z9WHRSES8
age
14
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/24/215x215/1_lollapalooza2018-35725652.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
173028
x-amz-id-2
Qw725B7JcCn9tX2r7V9dZIGgn4Fe3mb2s1SpVk2Mj4PLKnJvUZrpTA/sEvqpA1FU8A3gTC01O2o=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 11:46:41 GMT
server
AmazonS3
etag
"a7dd381cc7781761e4e038819c22d3ce"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
169807741 181863280
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_01_zorro-35721417.jpg
midias.em.com.br/_midias/jpg/2024/03/23/215x215/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/215x215/1_01_zorro-35721417.jpg?20240323182924?20240323182924
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29d922afebc58f614e40c027c3168f1d351777fe47ad65e1f0bab957856facd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/215x215/1_01_zorro-35721417.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DFZATMSZQV8XYD75
age
13
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/215x215/1_01_zorro-35721417.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
13240
x-amz-id-2
aHVQw+7xcvtmc2mSlnIqWBmvPxDg96cr8CVabxyg/cE0oNKaDyD8X5zgQo1dnM6CXzOcQiH7gDc=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 21:30:13 GMT
server
AmazonS3
etag
"b04bd2ed29118e91f7e3f5c241ef0f56"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
132579637 72375923
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_01_zorro-35721418.jpg
midias.em.com.br/_midias/jpg/2024/03/23/215x215/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/215x215/1_01_zorro-35721418.jpg?20240323182852?20240323182852
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9551a0ce5320c1fa51bd30819ab1e9a111fd5d490729c746bce6821a2ccdb01
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/215x215/1_01_zorro-35721418.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DFZ8MRTRZ1MEXZ3C
age
13
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/215x215/1_01_zorro-35721418.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
13225
x-amz-id-2
lekXUsqAIIkKGrRfYse15QIrSVc8I7av7y2EqPCqqRBxHq7KsXNDaBmBEAuGG0hMHm8nKhrw+ug=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 21:28:53 GMT
server
AmazonS3
etag
"52fa94c2f87772fa210cb80c290b5bbd"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
136380643 127145821
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_01_noticias-35720826.jpg
midias.em.com.br/_midias/jpg/2024/03/23/215x215/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/215x215/1_01_noticias-35720826.jpg?20240323181824?20240323181824
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
067e01afab9a4b64f824fcd862adf4e8fb47d9a9bdc17e7b23d00335a0388842
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/215x215/1_01_noticias-35720826.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DFZCK1NHPVMDT2CE
age
13
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/215x215/1_01_noticias-35720826.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
69028
x-amz-id-2
Wq3TPKao3UmiNEENVHCj8RTGPiYd9G1laOmdwFcrJ9zuSMS1QGtFXYR0OkzU4M1cb/5u0+rrq00=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 21:19:20 GMT
server
AmazonS3
etag
"35215c0db6834266c0f9470bcb38817f"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
136249568 122586416
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_42_celeiro-35720331.jpg
midias.em.com.br/_midias/jpg/2024/03/23/215x215/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/215x215/1_42_celeiro-35720331.jpg?20240323173813?20240323173813
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b93d2435c7e3999741d92869e943c94dd6cf7ac7d5b72fee0c39abaf7c314d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/215x215/1_42_celeiro-35720331.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DFZ0318N97BQS68N
age
13
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/215x215/1_42_celeiro-35720331.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
18169
x-amz-id-2
2Cw66dz9upSJc+8wQU3tsgtkrfgw7aO3pTmOmcocPx2BgiiGI05yc39jVm4s1uwkwhHMN4oMtuA=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 20:39:10 GMT
server
AmazonS3
etag
"81aae04da56e932477e83c7e1da457bf"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
107689493 119869660
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_bar_da_dona_onca_cuzcuz_de_galinha_divulgacao_2_1-35719486.jpg
midias.em.com.br/_midias/jpg/2024/03/23/215x215/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/215x215/1_bar_da_dona_onca_cuzcuz_de_galinha_divulgacao_2_1-35719486.jpg?20240323170326?20240323170326
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5bac1c6ad3a42d03211c7421edfd954aa50f3839c1b8b6ed164ac4004283a0e0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/215x215/1_bar_da_dona_onca_cuzcuz_de_galinha_divulgacao_2_1-35719486.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DBNV5R67N21V9273
age
28
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/215x215/1_bar_da_dona_onca_cuzcuz_de_galinha_divulgacao_2_1-35719486.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
21698
x-amz-id-2
GuvWVg5Ns54ESV0FcKwGxdBg/GUgBHxDUCQ/9Cx5QdOdpT/oXE3Q2bYMo3KvqF9s133cK3lN7xo=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 20:03:55 GMT
server
AmazonS3
etag
"8d1afc8dffc093ebf2ba5d67bd2f0552"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
115641432 119178989
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_405356655_18395598229014304_1494463800746428506_n-35718423.jpg
midias.em.com.br/_midias/jpg/2024/03/23/215x215/ 		210 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/215x215/1_405356655_18395598229014304_1494463800746428506_n-35718423.jpg?20240323164104?20240323164104
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e336b3aaad96c4282d4031e1b496e77a8255c232f9f7a6f05c7cb2ccdfa0b3d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/215x215/1_405356655_18395598229014304_1494463800746428506_n-35718423.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DBNXRV8WRTQWPEW7
age
28
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/215x215/1_405356655_18395598229014304_1494463800746428506_n-35718423.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
215116
x-amz-id-2
V17178C9Hdj+1awC0+C9/8GipnaYbbOfrZFEWyXIUEmpQYHmPih+53Lusmk2KcNh+o5uOPCyvo0=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 19:41:58 GMT
server
AmazonS3
etag
"01ef5d8802949d53df812c359a02e2e9"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
108305689 110236536
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_flavio_dino-35728122.jpg
midias.em.com.br/_midias/jpg/2024/03/24/330x220/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/24/330x220/1_flavio_dino-35728122.jpg?20240324123827?20240324123827
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
879791a25b942ec6922c47fa4d667799bdca71b931523320357d969f20117249
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/24/330x220/1_flavio_dino-35728122.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
7AQJK2N2SABEETYK
age
40
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/24/330x220/1_flavio_dino-35728122.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
15967
x-amz-id-2
3vrm8RgGP6IqYt98UJhm8ZIsn3Fr+zWtOiuOSlPFg96sb8Ono1NRmbfifAIqDgYnjlypltMWSL0=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 13:57:05 GMT
server
AmazonS3
etag
"2672d4d582bd889e4f24d6ab9f073010"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
190586971 205226674
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_photo1711286376-35728408.jpeg
midias.em.com.br/_midias/jpg/2024/03/24/330x220/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/24/330x220/1_photo1711286376-35728408.jpeg?20240324122802?20240324122802
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffd3c34e7ab302d9208e4a68c695b05d013cbb943af914b5cf82995e0341fff7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/24/330x220/1_photo1711286376-35728408.jpeg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
AH2J1D70V9HDYRF0
age
73
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/24/330x220/1_photo1711286376-35728408.jpeg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
27002
x-amz-id-2
bRIJqlmXmPiVe3yx/bl/q6lywo66hAz1rDG5Q3U3A99PsXuQYOTISgzCoriowpjxZU81PFKMU1o=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 14:06:06 GMT
server
AmazonS3
etag
"168e65bb87d4e53b54c3424a01a11b25"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
205226290 202246820
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_71d8fe75_911d_4c14_9e7d_47a25f0742d1-35727544.jpeg
midias.em.com.br/_midias/jpg/2024/03/24/330x220/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/24/330x220/1_71d8fe75_911d_4c14_9e7d_47a25f0742d1-35727544.jpeg?20240324113538?20240324113538
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05d1311a307c6eaa11b905afae5e539597f90de661a61df7ef87d0cb2a6f94c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/24/330x220/1_71d8fe75_911d_4c14_9e7d_47a25f0742d1-35727544.jpeg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
2Z5TQ480P957HN56
age
3
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/24/330x220/1_71d8fe75_911d_4c14_9e7d_47a25f0742d1-35727544.jpeg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
16632
x-amz-id-2
7XmyT1R2ob0Ixx0Yd/U9hkMhovr9wiomazUtPN/1OrvV2gu7LDDvS8Kms/a23GPEmomPpp1SwGQ=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 13:21:01 GMT
server
AmazonS3
etag
"5d191cb07c71aca55c8bd67a130a2c53"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
202342840 197527299
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_aecio_4-35714655.png
midias.em.com.br/_midias/png/2024/03/23/330x220/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/png/2024/03/23/330x220/1_aecio_4-35714655.png?20240323153627?20240323153627
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a34691d36c7c01976177985b3fecb5388a77e192d09b36ffed8bc1b1e30c1c88
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/png/2024/03/23/330x220/1_aecio_4-35714655.png
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
2Z5YW9V3K2H1TWDD
age
3
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/png/2024/03/23/330x220/1_aecio_4-35714655.png
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
116516
x-amz-id-2
1p7Bn3bt2vOlURF8SCAwQuFbgiT0wEETvE6wMcMoh/6DGMnIgQsd25lMBmiFSfE58JPDUiBD998=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 17:59:06 GMT
server
AmazonS3
etag
"c535f29438697b6d0383efc88d1cb978"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
x-varnish
183770455 183511757
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_6845684684684984-35727196.jpg
midias.em.com.br/_midias/jpg/2024/03/24/330x220/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/24/330x220/1_6845684684684984-35727196.jpg?20240324112220?20240324112220
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d304c5971b38b068407f491113b20e36ede88723108a15cab357fab5f135113c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/24/330x220/1_6845684684684984-35727196.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
2Z5MXX9J33HYE55D
age
3
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/24/330x220/1_6845684684684984-35727196.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
25328
x-amz-id-2
nHWkRj6v6JU8zlB0P9Ie3Ki5C0xbZ7/wv4Uu2f3B3i4E8AD1iil51DmOWsmxD96YS1ylyqEXG1Y=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 12:49:06 GMT
server
AmazonS3
etag
"c411a188124a928fb6194132eb5db2b9"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
191566996 183511754
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_aecio_1-35714896.png
midias.em.com.br/_midias/png/2024/03/23/330x220/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/png/2024/03/23/330x220/1_aecio_1-35714896.png?20240323153617?20240323153617
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
500f563b3617cf1a0de1f6974002e6d18f8fc25da6ed5ddb73ca13e813be54f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/png/2024/03/23/330x220/1_aecio_1-35714896.png
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
3FSMW042T32JQTF6
age
64
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/png/2024/03/23/330x220/1_aecio_1-35714896.png
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
119205
x-amz-id-2
KldwZphYcoPot2FDf6IDw1+JG9jdJeeBwgA42aAii0xsXBqJIZ6jiEdlwcOfE7cWBf7snvXvr/8=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 17:59:06 GMT
server
AmazonS3
etag
"34a27ee41795d003c639262872e4d43b"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
x-varnish
190517781 181405648
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_aecio_2014-35714862.png
midias.em.com.br/_midias/png/2024/03/23/330x220/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/png/2024/03/23/330x220/1_aecio_2014-35714862.png?20240323152918?20240323152918
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdd9890515bcef96860827859c1923c93664b1329cace8e4800f066b5ea3e710
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/png/2024/03/23/330x220/1_aecio_2014-35714862.png
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
GJBZWX90WRYZ1MKD
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/png/2024/03/23/330x220/1_aecio_2014-35714862.png
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
117955
x-amz-id-2
yUpSU4EXlNx3kAmEteuoMWDLyPh+bHKzcLcg3XfFNUyCEZnqroqHSo8g03xVqrRqt5MlGOKEvOU=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 17:59:06 GMT
server
AmazonS3
etag
"6d1a457a5f8b73b07b2c95e645125723"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
x-varnish
169280047
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_wge14001-35725215.jpg
midias.em.com.br/_midias/jpg/2024/03/23/330x220/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/330x220/1_wge14001-35725215.jpg?20240323215815?20240323215815
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7ca052d7f15c1bc39ceff27d257c2ceb201a2049ea1b82596a1be0e09a62c79
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/330x220/1_wge14001-35725215.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
6J6V4FX5SM3G2Y9H
age
17
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/330x220/1_wge14001-35725215.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
28264
x-amz-id-2
95BsT+otDfHogiBZHnU4YQGm7TuaeK/QD5hWL5MJ9OOC59TfhipNZ5VX8XHSWgmhqdta2eSmpfk=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 00:54:30 GMT
server
AmazonS3
etag
"4ccbb3d2654f0824c9c399fc9e444baf"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
151919416 142388200
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_wge13901-35725164.jpg
midias.em.com.br/_midias/jpg/2024/03/23/330x220/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/330x220/1_wge13901-35725164.jpg?20240323214329?20240323214329
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee1a1346f6df990e3aaec30b52c36e8cd65e2111f6b0b8b08a662fcd8be0cd78
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/330x220/1_wge13901-35725164.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
6J6XBSRXKNACQ018
age
17
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/330x220/1_wge13901-35725164.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
28653
x-amz-id-2
93kjgtyKnMxEMbidwWTLN9XLB5dh+gRD1BdouQhsQ6XeH5i4AUbM4MKtuR7id5FrXTSbyXdTvWU=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sun, 24 Mar 2024 00:43:35 GMT
server
AmazonS3
etag
"2da8a531fdd83e7c5454f8d0df28faef"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
146744404 152473718
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_inflacao_alimentos_fevereiro-35724725.jpg
midias.em.com.br/_midias/jpg/2024/03/23/330x220/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/330x220/1_inflacao_alimentos_fevereiro-35724725.jpg?20240323202256?20240323202256
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b94990828f4bdd2a14933ca73b6a8a49fb2eface5f736e4e424c8e492057631
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/330x220/1_inflacao_alimentos_fevereiro-35724725.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
PWZ43BWD99MFEATP
age
2
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/330x220/1_inflacao_alimentos_fevereiro-35724725.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
29329
x-amz-id-2
qmlEfpdj7XciVUjVf6LtAf/xvq9mo1H3xJYqUMtu9hW8a820qA7LBHn6FUhSmq1FRRe8777TXCU=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 23:23:33 GMT
server
AmazonS3
etag
"c941788566d7abe05ee544ff0721256b"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
157453271 152309173
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_congresso_reforma_tributaria-35724447.jpg
midias.em.com.br/_midias/jpg/2024/03/23/330x220/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/330x220/1_congresso_reforma_tributaria-35724447.jpg?20240323194415?20240323194415
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2900410dad661f2e9decfa8337f372ec315f7ecb387245f8cffa65b6b7f1201d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/330x220/1_congresso_reforma_tributaria-35724447.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
GSNGR6G24HVHTDDG
age
133
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/330x220/1_congresso_reforma_tributaria-35724447.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
34394
x-amz-id-2
2EgUnCx9dYz5YjMZIIGxeTMjFAoVY9MqW6y9Y7oC0bJO14KFy4gmgIZ7NxTvKnLgwu1lPO47+Dc=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 22:44:31 GMT
server
AmazonS3
etag
"a9f87890ce46250c6ddd67a19eff850a"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
154371072 149267612
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_pocos_caldas_minas_gerais-35724039.jpg
midias.em.com.br/_midias/jpg/2024/03/23/330x220/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/330x220/1_pocos_caldas_minas_gerais-35724039.jpg?20240323191928?20240323191928
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9540f77233c2819384755153b3c8c99dc5df9fa1025576c7f2a5673f645eb262
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/330x220/1_pocos_caldas_minas_gerais-35724039.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
0XFZYH2P2JXBHRBE
age
163
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/330x220/1_pocos_caldas_minas_gerais-35724039.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
31851
x-amz-id-2
puiC1wyb3RPDSwxyyhtQt9oZqoqw9yMqo+HH7EyN+4jyuLhhiIdVOCzQ/WRUAWYnDO6LS07UDsU=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 22:07:03 GMT
server
AmazonS3
etag
"4b4135be6cfcb3a858aa294fbdcc9f0b"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
150280230 156239817
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_divida_estados_haddad-35723900.jpg
midias.em.com.br/_midias/jpg/2024/03/23/330x220/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/330x220/1_divida_estados_haddad-35723900.jpg?20240323191911?20240323191911
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fa9a7ad6fa3d4cedfbf892195bd992b288937240a17d73bbc09d727d1090c6c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/330x220/1_divida_estados_haddad-35723900.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
0XFN8F78KTK2Y3YQ
age
163
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/330x220/1_divida_estados_haddad-35723900.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
16582
x-amz-id-2
bZkTQeE3UbsD2Cf67pEtrBujZqYgoSDvAxsWIyKQqqzZ+EOACrIIl1DtHnJOQMGZPuDhwMfPZDs=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 21:57:25 GMT
server
AmazonS3
etag
"49f45ad4d87c32e6b7403b6956b3a4e3"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
143075550 146451493
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
defatoonline-a22ea4240f.jpg
em-br.diariodetocantins.com/_midias/parceirosHardnews/20240324/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://em-br.diariodetocantins.com/_midias/parceirosHardnews/20240324/defatoonline-a22ea4240f.jpg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23edb8428b55d7a1d2370cb7b173da8a9ccca4827ee3c66d46c35c64a6692745

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:33 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IxrDaL%2Bs5%2FbprwV8N%2F0Mma%2BCJoZcf5VH6Yi9iwqOqebn9X59%2BM%2BmLEgKVZ04hOKoiZxx%2FiiqebxxFMS1lv%2Bhbov8ZKqbYvlZlNnLZVWCZMzd33sYHn2Df7ah3lMTlvZ5hLIyNWKqmU%2BMVT38PDWFMi%2BTFNncVRH0R1U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8b9e94bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
camaroes-no-acabaxi-1.jpeg
em-br.diariodetocantins.com/_midias/parceirosHardnews/20240324/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://em-br.diariodetocantins.com/_midias/parceirosHardnews/20240324/camaroes-no-acabaxi-1.jpeg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640fc7e6356cfd1fd66dde380e3c80fafa8ed8d0ced811d7b7395f058cafb2b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:33 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BdnlZJYD2TPkP6A1NTyXf0uTJDZvMmEod9q%2F8RTzWH8ZAs01uNzxOfyFzECoFnGGJ%2FaON5fS%2B65fdQ%2Blzz7qF3vBchp8CXzvJej%2Fnd80st1rdjl13dKO%2BOG6hjiMN5ERptY%2F%2BBZXNeY5CpRsuDHY%2FXAJzSAsTjVRD2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8b9ea4bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
J10_Lollapalooza-Marcelo-Thirty-Seconds-to-Mars-_02_Easy-Resize.com_-610x400-1-1.jpg
em-br.diariodetocantins.com/_midias/noataque/20240324/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://em-br.diariodetocantins.com/_midias/noataque/20240324/J10_Lollapalooza-Marcelo-Thirty-Seconds-to-Mars-_02_Easy-Resize.com_-610x400-1-1.jpg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a715287170bb847333ee762ecba71f896804274033cb121ccc766b66e9d7163d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:35 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1R%2F8RMbOuwWsKKBke2fMycSvxeQKIbiaFYWfwBK3%2BD%2BLjNo3dWnN6ARMNzSbU8vYIXLrDgJir8rfeBSnHRCTz1ghNa7yq5WC%2BeMrspxxWfXXBRxjYnlmT5h%2BSYe3pOVI6T6Ow2BcOTvAeMfuEYIuo%2B%2Fq217QO%2F5mbes%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8b9eb4bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
Jenna-Gray.jpeg
em-br.diariodetocantins.com/_midias/noataque/20240324/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://em-br.diariodetocantins.com/_midias/noataque/20240324/Jenna-Gray.jpeg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea7bba8251eacaded6c5e37106eb6f92ccf44d0ae9116da999ecd2c90eef33bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:36 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FLcTwHUNJALc7aIMDfKHfWkpP868b5TrbCFYDTYY4n%2Fzqk8S7wQpk%2FnyDE5ONvqC1L86jy2p%2Bci9hFbxa7LRO57q8wlvaTzjIJFwh6Fz5PbgRLLBNOFSBi%2Ftn%2BJ5RtJ4S3zpOYl9OzXnc2pxE7SOWYM%2FBBgDa0NrLSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8b9ec4bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
Popo-Freitas-x-Guilherme-Grillo.jpeg
em-br.diariodetocantins.com/_midias/noataque/20240324/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://em-br.diariodetocantins.com/_midias/noataque/20240324/Popo-Freitas-x-Guilherme-Grillo.jpeg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8db85f6798bccdc6e8b471758334d5182d17f54bf8788f51d93abafc14e289b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:32 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3w01XlSVNL7Ns%2F0GITjeGAdhbNfq8t7Upl1M4EPgGSB3nRjeOUgc1VQuViWMc4wSHCCddZfY3KV5yjhuxPVPZl81etfGGj%2Be34jmYFLDugt1rlDnJeI%2FmLc%2BiG%2BtMyjyz8e03%2FmjbZ5UJXlOtd%2F9THTSGJMoCb2jLY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8b9ed4bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
Captura-de-Tela-2024-03-22-as-16.27.57.jpg
em-br.diariodetocantins.com/_midias/aqui/20240324/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://em-br.diariodetocantins.com/_midias/aqui/20240324/Captura-de-Tela-2024-03-22-as-16.27.57.jpg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a032adc0e3f07da4b0b77f9fbf6e11b934f8e570c0422a656a9f98a5ac78568d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:33 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8QPDgjyKrH4WzeVgRRf0K9%2FHG6AeC8suBd6GdXLevacc2VwwQVPF%2F7vFbNruUR0oe%2FH9T0p1VD4saajcgl1dGSHeCD9HImWso7N%2Bm1RvBfWSqO8j7hE3qx52VBCGwkBeUUBRfaRwQyHtgaDD1%2BlvlhogUpLgokHqlCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8b9ee4bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
steve-e-dustin-em-stranger-things_1_52019.jpg
em-br.diariodetocantins.com/_midias/entretenimento/20240324/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://em-br.diariodetocantins.com/_midias/entretenimento/20240324/steve-e-dustin-em-stranger-things_1_52019.jpg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d714adfd401407217f9f9140b1fe87e33f2acfe3484488444f94de00b8e6bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:35 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AlKv0rIry9Y8R5eZBxv%2Bnp0uNKvuJ2OijoxQaAPOcDiM50MzfUyX0goSViu4D%2BUEvoLtQq8TdyD4wz%2FqEUboIc%2FGRhVkx5cUnUx9hg7zYE3BfUQQ815df4jzqeX8EKUqBp3YLg5LqCoSrN03pQ4jUbqBuprz8FDDh2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8b9f14bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
gabi-martins_1_63769.jpg
em-br.diariodetocantins.com/_midias/entretenimento/20240324/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://em-br.diariodetocantins.com/_midias/entretenimento/20240324/gabi-martins_1_63769.jpg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c542b975886e5e96401f2a417db5f9bcfc116dc9daaf388db8500dd1765ae7f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:36 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3jzExybVIjOvGrR4UB5X%2BBxi9DoSlKsJhutvKGue45%2Bg1jH5c%2Fqs0OQfkJFRgYX8P4k8qnNjIRyxahjTAf5vHvWue2SiCBqxDyp4m7UWm2hQ47G9FY1URdTbpG%2B%2F%2BncXrE%2BapflAqDZy3SYpKcdtbcsz4VBFe7Drt8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8b9f24bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
email-decode.min.js
em-br.diariodetocantins.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://em-br.diariodetocantins.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Mar 2024 10:35:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65fc0d6b-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lCpP9HFPEuqw0SRZ3EXqvaaNmJUi0fEG3gAnR1a8wWcggVjX3y%2FeKIqHqGSibtYHlt0AbhQcuaRoPHMR1KRDFWigDONUqTiyA%2FaCZd4OvcmnRoK2cCnDVAAVIefrfhXkpM6VMaWYBjKABIsfb4rTb3yET27sv8upUI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8697ccd899e24bd2-BUF
expires
Tue, 26 Mar 2024 15:47:31 GMT
actionsHeader.js
em-br.diariodetocantins.com/static/js/ 		244 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://em-br.diariodetocantins.com/static/js/actionsHeader.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa3d5185bc662b61963947aa982da80ed6532df90da1c05a18320564ead297f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:32 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OT2Sjyif3mU7kdWI%2BuG7Yzju0uDEjnt%2F0baB6t1ZNTsOWHjULwUmsUc76k3jlL4lKNZ26dREyWuHOxEys5yzpwQcEcedvpgOkNXo%2F2N9UlSDgh%2BjQ0tpmV8UiE5rgHjg%2BMO51VHazr%2B8fsF92wxUY%2BYI2GOkXGyBVyA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8a9e34bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
capa-new.js
em-br.diariodetocantins.com/static/js/ 		856 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://em-br.diariodetocantins.com/static/js/capa-new.js?v=8
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffd0c0d08001cc5e5a7b09fb64d2d32afd861682d211a7276aadaf93afefcd4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vM0w8rdKFzTNCOFTIb5dOCk8NaxJ4er%2FfROrHOoa%2FhZVJF%2FCnuAkn3Z1aNpcaRlttylWrLTiMZRmLnpAjc9k1dJFew0fKBuCyc%2FeEUMd%2BhK9yNZIZp6SKPg6ZQ8DJDgLZ0dwEZoNdNRe6NTLLYxy6A3GZxI5qpp9LjI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8a9e44bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
swg.js
em-br.diariodetocantins.com/static/js/ 		244 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://em-br.diariodetocantins.com/static/js/swg.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cfa72225ea987be7a1191670437b63dd723b85497b6feef3fc3e1567a57a30a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:33 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vs6dLl1dg%2BrWvdhNvlYRAdqxcapHf%2Fzlv9Lk5Odc%2BFYqszg4GHPCxAogBAu4TwiJM7lAu6pkfmWO9ys9dZtCN6RuqfyAEy2%2FhPnLI%2FE9gUtw9ho7WBBY%2BGDrbD6Ef0oZG3eS0PMQhkdRsS2dSUNyDtDC8TR3tZA%2Bbik%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccd8a9e54bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
2200540f09f939738419313a1a090c32.js
demiseskill.com/22/00/54/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 24 Mar 2024 15:47:31 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
a032b4d33c8aea68a4f9b84235614bff.js
demiseskill.com/a0/32/b4/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 24 Mar 2024 15:47:31 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
script.js
vmuid.com/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.234.204.80 Edison, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
nginx /
Resource Hash
b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 24 Mar 2024 15:47:31 GMT
Server
nginx
Accept-Ch
Sec-CH-UA-Platform-Version
X-Cache-Status
MISS
Content-Type
text/javascript
Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
10178
sdk.js
pupspu.com/
Redirect Chain
  • https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
  • https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
56 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
HTTP/1.1
Server
142.234.204.80 Edison, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
nginx /
Resource Hash
de5b43f8ca77c8f8c2a3a46532f1dfa50dd3c1bc627f6ec5dbc92a081f62256b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 24 Mar 2024 15:47:31 GMT
Server
nginx
Accept-Ch
Sec-CH-UA-Platform-Version
X-Cache-Status
MISS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
57250

Redirect headers

Date
Sun, 24 Mar 2024 15:47:31 GMT
Server
nginx
Accept-Ch
Sec-CH-UA-Platform-Version
X-Cache-Status
MISS
Access-Control-Allow-Origin
*
Location
https://pupspu.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
survey
survey.g.doubleclick.net/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.g.doubleclick.net/survey?site=_koy77ud4ochgasubjk5frm3ksy&url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&cid=everything&random=1711295251270
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::8d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
server
Google Frontend
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
x-cloud-trace-context
c04b694ebe3b83a583b5da997ed691fa
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		257 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6136706e4e971c3c94e30576a0618a2e0d81130b748157ccd12af7bb9c7115c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89311
x-xss-protection
0
last-modified
Sun, 24 Mar 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Mar 2024 15:47:31 GMT
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
3052
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8697ccdbd80c4bcc-BUF
expires
Sun, 24 Mar 2024 15:29:48 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		301 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.51.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-51-31.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a074dabf4f78aa9947cfb599cacba3569a762db57f71bb9494772f91883da8c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 14:52:51 GMT
content-encoding
gzip
via
1.1 98e30e5953336545df428a8f5923a288.cloudfront.net (CloudFront), 1.1 e14296585c8339d0a32f7c1d34fc00f2.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 21:31:23 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD55-P2
age
3281
etag
W/"e60d688a72d9174b66a78861d6270461"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
JvQRqjV8GP7BWGnFI49TjGhdipXNq789gKJY4fZzlAj0A5Dh5W7WFw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/ 		438 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 01:59:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
49704
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141049
x-xss-protection
0
server
cafe
etag
7927512453849819874
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 24 Mar 2025 01:59:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		72 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=em-br.diariodetocantins.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fae95fc957c1950e1e0e498f631e05fec5ded2799231088f7f477c0417a79c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55
x-xss-protection
0
expires
Sun, 24 Mar 2024 15:47:31 GMT
roboto-regular.woff2
em-br.diariodetocantins.com/static/fonts/ 		90 B
662 B 		Font
General
Check archive.org
Download Go to
Full URL
https://em-br.diariodetocantins.com/static/fonts/roboto-regular.woff2
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50f3109ece70eab3f8066fa0f2cb707f0e26e5cc3d2915ea35e8e9cdcb622eab

Request headers

Referer
https://em-br.diariodetocantins.com/
Origin
https://em-br.diariodetocantins.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:33 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Br9aYlGcWF0T%2FmtHJVMRcNCp17FutYYgZMS7cZoSqbSdHZ%2B2xzoTSnHH0cO0a6p2qWGczX0TC%2FOtVr7%2Fc9%2BwiOIujcPkrd6Q9VeQ1vpZHarcyoclwCsXZyH1rFKB%2FaOTZNHyUqZzF46THBXa0GfQQz5Z4StJkPl%2Fw2o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccda6a9c4bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		253 KB
58 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1453300635124221&correlator=2646164266210752&eid=44809527%2C31082164%2C31082082&output=ldjh&gdfp_req=1&vrg=202403190101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&sfv=1-0-40&ists=63&fas=0%2C0%2C8%2C0%2C0%2C0&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1711295251616&lmt=1711295251&adxs=0%2C0%2C-9%2C-9%2C-9%2C-9&adys=0%2C0%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&vis=1&psz=1600x0%7C1600x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x0%7C0x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=0%2C0%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1584523209.1711295252&ga_sid=1711295252&ga_hid=714421195&ga_fc=false&dlt=1711295251129&idt=422&prev_scp=formato%3Ddhtml-1x1%26pos%3D2%7Cidentificador%3Dpublicidade-slider-1x1%26formato%3Dslider-1x1%26pos%3D3%7Cidentificador%3Dpublicidade-interstitial%7Cidentificador%3Dem-publicidade-patrocinio-1%26formato%3Dpatrocinio-1x1%7Cidentificador%3Dem-publicidade-patrocinio-2%26formato%3Dpatrocinio-1x1%7Cidentificador%3Dem-publicidade-patrocinio-3%26formato%3Dpatrocinio-1x1&cust_params=unified_id%3D5007ac3f-ffe1-4058-99f1-840e3df9897a%26_type%3Dguest%26paywall%3Dtrue%26testeab%3D2%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cem-br%252Cdiariodetocantins%252Ccom%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%2520-%26tagsofpage%3Dnot%25C3%25ADcias%252Cminas%2520gereais%252Ceconomia%252Cpol%25C3%25ADtica%252Cnacional%252Cinternacional%252Cci%25C3%25AAncia%252Csa%25C3%25BAde%252Cloteria%252Cconcurso%252Cresultado%252Cestado%2520de%2520minas%26subtitleofpage%3DAcompanhe%2520as%2520%25C3%25BAltimas%2520not%25C3%25ADcias%2520e%2520fique%2520bem%2520informado%2520sobre%2520tudo%2520o%2520que%2520acontece%2520em%2520Minas%2520Gerais%252C%2520Brasil%2520e%2520no%2520mundo.%26reload%3D0&adks=937864173%2C358948280%2C3975483387%2C354791774%2C354791775%2C354791768&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19ba37dd296e46c0885405117edc40629931d1077b914e131d5b6ff46a7c372a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58998
x-xss-protection
0
google-lineitem-id
6107032441,-2,-1,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403973226,-2,-1,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DDF6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 15:47:31 GMT
expires
Mon, 24 Mar 2025 15:47:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl_page_level_ads.js?cb=31082082
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96b429351bef3c8cc82b74e73fd559fa4dde0330788e13ec378308c29d5417f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 01:56:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
49859
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15238
x-xss-protection
0
server
cafe
etag
6913313005948454676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 24 Mar 2025 01:56:32 GMT
89454
tag.navdmp.com/u/ 		507 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/89454
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05a4a88f417264926d8c52323a80416fed1bd8162185a490021b10a5318b4971

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 17 Aug 2023 12:40:42 GMT
server
cloudflare
etag
W/"64de154a-1fb"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8697ccdc182c4bcc-BUF
expires
Sun, 24 Mar 2024 16:47:31 GMT
js
www.googletagmanager.com/gtag/ 		279 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KFBFMPM6S4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ee4ed444fe54c21992cc4487922aa78b228172c1d12e194504ea5e2e22da9054
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96966
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Mar 2024 15:47:31 GMT
centralizador.html
barra.uai.com.br/ Frame 7BB6 		739 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://barra.uai.com.br/centralizador.html?origem=https://em-br.diariodetocantins.com/
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.177.67 Ashburn, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
926cfdbcb7e64be5b911524c61c376f4d33faa2535486a2cebadb34153ed7529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=2592000, s-maxage=1296000, proxy-revalidate, stale-while-revalidate=19
content-encoding
gzip
content-type
text/html
date
Sun, 24 Mar 2024 15:47:32 GMT
etag
W/"58a88be0-2e3-54fe3383940c0"
last-modified
Fri, 19 May 2017 16:43:23 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
t3m.js
tags.t.tailtarget.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-10258-0/CT-142
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
729ef5dba5dd3dfa5fb679668748d75561ac5f610d818a6ba8f057e8040112b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:41:13 GMT
content-encoding
gzip
via
1.1 google
age
379
x-guploader-uploadid
ABPtcPoWIQl_62QIkvH7ahZGZi7VCE9GpqvUPJHmgq_LX_lZ2uZDY-Cem1EXcMR1lHZNAo4EMZwkdBSrXA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6274
last-modified
Fri, 25 Oct 2019 19:37:34 GMT
server
nginx/1.8.1
etag
"664b1613d7439b3addaf3096d741aa27"
vary
Accept-Encoding
x-goog-generation
1572032254559073
x-goog-hash
md5=ZksWE9dDmzrdrzCW10GqJw==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
6274
accept-ranges
bytes
expires
Sun, 24 Mar 2024 17:41:13 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/44d19ce5-a5ad-423d-866b-33f5250330fb/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/44d19ce5-a5ad-423d-866b-33f5250330fb/launchpad-liveramp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-80.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbc0a19af52226a93e42bc25c8896146174763c549ed22e6708b8db85db5641d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
OU1YUP7a9LDvt3kqgXcmD3JxbGQ0Oc42
content-encoding
gzip
via
1.1 f7a96eacae195ce7e3982601464ebc84.cloudfront.net (CloudFront)
date
Sun, 24 Mar 2024 10:47:14 GMT
x-amz-cf-pop
YUL62-C2
age
18505
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Fri, 21 Jul 2023 16:46:52 GMT
server
AmazonS3
etag
W/"506b77334f6f1b5820e62dd0b41d4b37"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
gSIzK4stjraSUM88v4egxnTEGZwaPCY7fuVwKvGbDUZlvdNamtnohA==
e896768a-4818-43b9-8848-9bdc9a567fdb
config.aps.amazon-adsystem.com/configs/ 		563 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/e896768a-4818-43b9-8848-9bdc9a567fdb
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-101.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
eabde966a5c312aedbdf70b25906c72414488c8902e3b49fc643f61b4a1c9cca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 14:59:07 GMT
via
1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
2905
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
5BHb3a1MoyVEDr4adrPZikfb-oZEnA0O5Ff09gOdvhsjCnaoT6ZIXQ==
config
c.amazon-adsystem.com/cdn/prod/ 		647 B
1012 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fem-br.diariodetocantins.com&pubid=e896768a-4818-43b9-8848-9bdc9a567fdb
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.51.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-51-31.iad55.r.cloudfront.net
Software
Server /
Resource Hash
6a168c5162134320b24bd4d33dcc17aca8607090021f791cffc523d6463e19fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:20:17 GMT
via
1.1 e14296585c8339d0a32f7c1d34fc00f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD55-P2
age
1634
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
647
x-amz-cf-id
8604XYLX3Kcs49EMijWcpo7G4NWRlkqIlYYH8LkVy0fGJX1GAS8tAg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.51.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-51-31.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:33 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 341de8df4217bc427eae27ed066ab4ce.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
GMBw8BgTI71q_LkenOFMVa_bco0ttifD2Pm3gIfKCz70UqXGe2WHZg==
usr
usr.navdmp.com/ 		359 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=89454&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ea6699216ca5e92633a48b580c1d3d0e91b808dd4b6c84b5425ff50f3f1cf3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
public
date
Sun, 24 Mar 2024 15:47:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
8697ccdd28914bcc-BUF
expires
Sun, 24 Mar 2024 16:47:32 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/44d19ce5-a5ad-423d-866b-33f5250330fb/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/44d19ce5-a5ad-423d-866b-33f5250330fb/launchpad-liveramp.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-80.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbc0a19af52226a93e42bc25c8896146174763c549ed22e6708b8db85db5641d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
OU1YUP7a9LDvt3kqgXcmD3JxbGQ0Oc42
content-encoding
gzip
via
1.1 f7a96eacae195ce7e3982601464ebc84.cloudfront.net (CloudFront)
date
Sun, 24 Mar 2024 10:47:14 GMT
x-amz-cf-pop
YUL62-C2
age
18505
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Fri, 21 Jul 2023 16:46:52 GMT
server
AmazonS3
etag
W/"506b77334f6f1b5820e62dd0b41d4b37"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
at-r9XBa7ANikyoKeQPRuwq7DFJzJRoX-BKSwOCZmu2uLVrYMdaSiA==
container.html
40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6C68 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 15:47:32 GMT
expires
Mon, 24 Mar 2025 15:47:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KFBFMPM6S4&gtm=45je43k0v884805283z876977402za200&_p=1711295251271&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1584523209.1711295252&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711295252&sct=1&seg=0&dl=https%3A%2F%2Fem-br.diariodetocantins.com%2F&dt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&en=page_view&_fv=1&_ss=1&tfd=2750
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KFBFMPM6S4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
185 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KFBFMPM6S4&cid=1584523209.1711295252&gtm=45je43k0v884805283z876977402za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KFBFMPM6S4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=145a7a616dfbf8dd69d8d0d95710%7C0&acc=89454&tit=Jornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25EDcias%2520Online%2520-&url=https%253A%2F%2Fem-br.diariodetocantins.com%2F&upd=1&new=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8697ccde89144bcc-BUF
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=87417315693
  • https://sync2.navdmp.com/sync?prtid=2&id=87417315693&google_gid=CAESENblKOdySgRR_FZqGe99xas&google_cver=1
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=87417315693&google_gid=CAESENblKOdySgRR_FZqGe99xas&google_cver=1
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8697ccdfb97a4bcc-BUF
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=87417315693&google_gid=CAESENblKOdySgRR_FZqGe99xas&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=c34d6600-4b14-4500-9d4f-fcfa994985b2
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=c34d6600-4b14-4500-9d4f-fcfa994985b2
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
8697cce079c74bcc-BUF
content-length
43
content-type
image/gif

Redirect headers

Date
Sun, 24 Mar 2024 15:47:32 GMT
Server
MT3 1549 cea2cde master ord ord-pixel-x22 config_version:"3549"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.navdmp.com/sync?img=1&mdia=c34d6600-4b14-4500-9d4f-fcfa994985b2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 24 Mar 2024 15:47:31 GMT
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.106 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.106
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date
Sun, 24 Mar 2024 15:47:32 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.106
content-length
344
content-language
en
css
fonts.googleapis.com/ Frame FFBB 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Mar 2024 15:47:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Mar 2024 14:55:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Mar 2024 15:47:32 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240321/r20110914/client/ Frame FFBB 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240321/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 01:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
50057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Apr 2024 01:53:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240321/r20110914/ Frame FFBB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240321/r20110914/abg_lite_fy2021.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 00:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
53386
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Apr 2024 00:57:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240321/r20110914/client/ Frame FFBB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240321/r20110914/client/window_focus_fy2021.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 03:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
42941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Apr 2024 03:51:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240321/r20110914/client/ Frame FFBB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240321/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 19:36:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
72652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8355
x-xss-protection
0
server
cafe
etag
17564575596476239644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 19:36:40 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FFBB 		206 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:01:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 16:01:11 GMT
ef5ce9b2b01bfb848267c2a4546556c1.js
www.gstatic.com/mysidia/ Frame FFBB 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 09:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15234
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 14:59:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 22 Jun 2024 09:05:53 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240321/r20110914/elements/html/ Frame 6C68 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240321/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 17:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
80218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9112
x-xss-protection
0
server
cafe
etag
499061885667062015
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 17:30:34 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6C68 		205 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 14:45:00 GMT
x-content-type-options
nosniff
age
3752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 24 Mar 2025 14:45:00 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6C68 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:31:23 GMT
x-content-type-options
nosniff
age
969
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 24 Mar 2025 15:31:23 GMT
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		126 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/44d19ce5-a5ad-423d-866b-33f5250330fb/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-97.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fe4b16f14fbab784667a876b5b687b1278e692b64a5e5b04e2da18bbd3de52

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
.0smH5v3yC0Mj5CY0Yn4_OXkkced__tN
content-encoding
br
via
1.1 95a3dd023df73736e8ea01cca5036ec0.cloudfront.net (CloudFront)
date
Sun, 24 Mar 2024 15:41:19 GMT
last-modified
Mon, 26 Feb 2024 08:21:44 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
374
x-amz-server-side-encryption
AES256
etag
W/"a92f9ecbaf5821d1d35c439a0dc33104"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
8cJwwbnE-xpf3pVgd8HpVaQQHclAzhUhBlx2bMghemvoRObJRQkpnA==
profiles.js
d.tailtarget.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/profiles.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 03:37:58 GMT
content-encoding
gzip
age
43774
x-guploader-uploadid
ABPtcPrkXEn-1h-TvMdJEZTGboU3O6ymMgScFhWw4gIBPsxwlTsedmbJ4jF1_69f5nzrxN1vTC1MA5G5bg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5287
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"275a2ca262b6a5880df533bb6481142a"
x-goog-hash
crc32c=Z8R9Yw==, md5=J1osomK2pYgN9TO7ZIEUKg==
x-goog-generation
1694696370292847
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
5287
accept-ranges
bytes
expires
Mon, 25 Mar 2024 03:37:58 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fem-br.diariodetocantins.com%2F&pid=TaBFZSmDUrlyJ&cb=0&ws=1600x1200&v=24.319.2210&t=2000&slots=%5B%7B%22sd%22%3A%22em-publicidade-ancorads%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22990x100%22%5D%2C%22sn%22%3A%22%2F6887%2Fuai%2Fem%2Fhome%22%7D%2C%7B%22sd%22%3A%22em-publicidade-rasgado-1%22%2C%22s%22%3A%5B%221190x250%22%2C%22750x200%22%2C%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22980x250%22%2C%22990x100%22%5D%2C%22sn%22%3A%22%2F6887%2Fuai%2Fem%2Fhome%22%7D%2C%7B%22sd%22%3A%22em-publicidade-retangulo-1%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F6887%2Fuai%2Fem%2Fhome%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=2eca3786-89f4-4c73-bf46-4d9e61ffd73c&pubid=e896768a-4818-43b9-8848-9bdc9a567fdb&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.62.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-62-209.iad89.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:31 GMT
via
1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://em-br.diariodetocantins.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
dRhhyrqlbeSdKCZohkK0xxbGlPAPSacQmf2xfm7p7G1RWj0fyGwkgg==
9Ys6ylR7BmMFW6AtKirVz8ib_43m63qHIw-DpApmo9o.js
pagead2.googlesyndication.com/bg/ Frame 561D 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9Ys6ylR7BmMFW6AtKirVz8ib_43m63qHIw-DpApmo9o.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f58b3aca547b0663055ba02d2a2ad5cfc89bff8de6eb7a87230f83a40a66a3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 04:56:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
298261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20296
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 16:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 04:56:31 GMT
profile
tt-10258-0.seg.t.tailtarget.com/ 		92 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-10258-0.seg.t.tailtarget.com/profile
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
geo.privacymanager.io/ 		30 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-111.yul62.r.cloudfront.net
Software
/
Resource Hash
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

Accept
application/json
Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Mar 2024 06:25:44 GMT
via
1.1 7dc4818c830423900ae855831181d2b8.cloudfront.net (CloudFront), 1.1 bc3e3445494dc5a4f9373d4212505c68.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, YUL62-P1
age
33708
x-amzn-requestid
ccdfc922-3d9a-4f83-908f-b0d3dde34b3e
x-amzn-trace-id
Root=1-65ffc768-4eb68f220c919cdd1cbbe168;Parent=223ee10a949494e2;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
VHwYTGNBDoEEiEQ=
content-length
30
x-amz-cf-id
Z1uyg9u5YeNLX7oM7QLRWfbYkEQ3rb1nhnc4B1UwfM7J-mncK6prnA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-111.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://em-br.diariodetocantins.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 24 Mar 2024 15:47:32 GMT
via
1.1 726979f71f252186e97d38202269f636.cloudfront.net (CloudFront), 1.1 bc3e3445494dc5a4f9373d4212505c68.cloudfront.net (CloudFront)
x-amz-apigw-id
VJCrUGIHjoEENFA=
x-amz-cf-id
mJhGa5jkIGbhszUZNnlFvgpT864O9pqBbvNYiixQd4aK1oYrWmggGA==
x-amz-cf-pop
YUL62-P2 YUL62-P1
x-amzn-requestid
d1eb4004-151e-46d2-b1cd-d1d2b70bc07d
x-cache
Miss from cloudfront
roboto-regular.woff2
css.em.com.br/em/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.em.com.br/em/fonts/roboto-regular.woff2
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/static/css/capa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.66 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
a0516d91dead3fa38bef64683d087460753209e723db56ce3ee1fcb1dbd84162
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://em-br.diariodetocantins.com/
Origin
https://em-br.diariodetocantins.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 26 May 2017 18:17:48 GMT
server
nginx
etag
W/"55e5bdf4-4d20-550715ac5eb00"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 31 Mar 2024 15:47:33 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240321/r20110914/ Frame 600A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240321/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 00:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
53386
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Apr 2024 00:57:46 GMT
6558.js
cnt.trvdp.com/js/869/ Frame 600A 		481 B
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/869/6558.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-40.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759bed2ca060eaca61886f857fcc79759e16d47c6668a97114b2cc18876ba3e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 01:54:38 GMT
via
1.1 f7a96eacae195ce7e3982601464ebc84.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 16:02:26 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
21563575
etag
"99e0069440d824199286a54fd40c6347"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
481
x-amz-cf-id
d5viIp8PU6M3UzrVWKdWMlQQeH2q_-JZ4vDXzj5rfRykDxviDCfsuA==
truncated
/ Frame 600A 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c24e2a548afb65e3d77e4107e9a0b8718125110d6f1990ee260e16d91388a500

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 600A 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv16xkaZsQLgDOclguJOy5e_XmtmEy_VsgWIeMyrriE016Wo4-YACtVsYNzhk8x5Hj4xg5qbadhSjO5bJNjvQhVPgG6dX1zkx8Dur0O1olho-3cLJ1ai5p-w80VgVQy9QEFc0TYZ9H9RpxkF7fX7znCFNSEbjL2E-f34UaKv2ti6czWtCRUH6F4uuxAiGaV9n1wdWgi1Z2AD5mTU9hPAw_6Bi6b_E55_RZvR-89s8dy_ICrd3S2JTu6mIe5v9t6hFI1pQ5fIb7w3d0GFCwI3HDO1nSMIrbEGQAiqqYRL2r0V5bdSbW2ords3WO20EfKgeh5LSGwZTMexSGjx7hNgmDUY75R3ecBYNcypXFIeP318FYibfbPeRWLAGXDu-k6fQ&sai=AMfl-YRUB9uXJPYrfsv0Hlxb_FZ8_RFYXdtb3hePHZDIYzCWGCL7VTFL1gZLDCKXcZCbh_CAz9GHly-HGYh8fuKFW-iFMFNRlVavmBkwvJruHFOxfHgXdKPRnbrCWdo586zVI0CQrQvSlOvS9Z90-rw3gaA&sig=Cg0ArKJSzOu4r-YsaxDKEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logo-uai-mobile.svg
imgs2.uai.com.br/UAI_2018/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs2.uai.com.br/UAI_2018/logo-uai-mobile.svg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.177.67 Ashburn, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
c3ecf31e703f59a268f18b82ef3d290ae24f91bda18a770a42798ad1ea0fa0a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 04 Dec 2020 13:30:00 GMT
server
nginx
etag
W/"a2b7c26-1ce0-5b5a3792dc87a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
expires
Sun, 31 Mar 2024 15:47:32 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8faeaf8ed3dcd4436225abc6eb6fceda7c167d6617ac0013efa82a58dbaa118
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Mar 2024 15:47:32 GMT
content-md5
zBxyvBdiJXjIBs4sh0Ag0A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=23, mss=1232, tbw=4325, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
LpbQL8cna52wNwxmLk0Ln6yO9xJfZugwkKNkxMsJYQRXQNEaFHgGJ1x04a84kGfvFiml+uPmiJujznXUNO95HQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e933d52aac886cffa4f61d62c64ad6c6
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"38d01b2e547896b8fe55bd8ce379d1f8"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Mar 2024 16:04:28 GMT
sprite.48.svg
imgs.em.com.br/em/ 		297 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.em.com.br/em/sprite.48.svg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/static/css/capa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
4cf753c1ce23c690959ba1b59e6527be184cd38e332499514daea51b4292d0d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 26 Sep 2022 18:39:26 GMT
server
nginx
etag
W/"726dc57-4a3c4-5e998d8e6efe6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 31 Mar 2024 15:47:33 GMT
sprite.46.svg
imgs.em.com.br/em/ 		204 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.em.com.br/em/sprite.46.svg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
95d9e987f13cab8761ab808e0535802234afee17ae943deab91994e67ab6c3ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 16:27:41 GMT
server
nginx
etag
W/"b7246da-32ff1-5d112a3339324"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 31 Mar 2024 15:47:33 GMT
/
image.staticox.com/ 		93 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.staticox.com/?url=https%3A%2F%2Fimgs.em.com.br%2Fem%2Fpattern.png
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/static/css/capa.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c891 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec6557aca9fa6a0659caa489d6d841f7ca94d1d04e15e23b8b3c457168fe5048

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X0vY0cHR1eGyMZoeNzYFQyVSBGl7o2xfIt7lDgh8iszOo%2BfTzKnIMAlATX5VE6CLjF0glCz%2BKXrm55T6wO8DvWNYMuQv747uXbJodDH6be%2Fm2cpkPebWyO67tnzJyOpvx3IhdThqY7zFzsE0G3swOg4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697cce20f694bd3-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
merriweather.woff2
css.em.com.br/em/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.em.com.br/em/fonts/merriweather.woff2
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/static/css/capa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.66 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
53be0578f87f1f73d305110acb20730521d0056775c76d688a5008c7781c7180
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://em-br.diariodetocantins.com/
Origin
https://em-br.diariodetocantins.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 26 May 2017 18:17:48 GMT
server
nginx
etag
W/"55e5bdf2-5b98-550715ac5eb00"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 31 Mar 2024 15:47:33 GMT
sdk.js
connect.facebook.net/pt_BR/ 		298 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=369fbc61e2f73d8405c40ead7a1123ed
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
138f770fc29d3792e7b5cecfe424b5e2da5d8984cc7e38072955a1dbdf826214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://em-br.diariodetocantins.com/
Origin
https://em-br.diariodetocantins.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Mar 2024 15:47:32 GMT
content-md5
4FRdgsj4T7np/4R4+ARyvQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87255
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=21, mss=1294, tbw=6387, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
FH0xDQqVXHYU9ePztcNjofPeXTQMe3FljLHid0dWQ6liw4uLtX9v2+cXTrxscBT4Yv7vyKtxLQ0yB+CfUQC6lg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c90d0882663a46aa677031a1f3852aeb
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"9990a258a9fa0f63068183f20eef54eb"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 24 Mar 2025 15:24:20 GMT
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2588fd4572f8538aa86dc073a6cc587452c4a658dcbf38dde6511eada4ebfec8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
1_colunista_paulo_delgado-31024714.jpg
midias.em.com.br/_midias/jpg/2023/11/01/120x120/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/01/120x120/1_colunista_paulo_delgado-31024714.jpg?20231102151208?20231102151208
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ef4288e83cbe9fe117306c30e5482466e8cd7f9d8f7838ee95c65a6a28cb33b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/01/120x120/1_colunista_paulo_delgado-31024714.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
98FV8QW16N2F5Y24
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/01/120x120/1_colunista_paulo_delgado-31024714.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
4781
x-amz-id-2
dst9ddWPMbJF3E04ZfTldtK+vkTbKA5dMBmBPqP2hHyoOh0WWnlG9bmaYZLvXXN8MAzt+bKhtm4=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Thu, 02 Nov 2023 18:12:30 GMT
server
AmazonS3
etag
"a4b1ff8d662cb5b8b57b576feda9776d"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
158305811
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_colunista_regina_teixeira_da_costa-31024791.jpg
midias.em.com.br/_midias/jpg/2023/11/01/120x120/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/01/120x120/1_colunista_regina_teixeira_da_costa-31024791.jpg?20231102150034?20231102150034
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08d0789053003490946f5482537be59e1979e5e24ca52c525dedf387526295bc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/01/120x120/1_colunista_regina_teixeira_da_costa-31024791.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5BXBKSHVDTJ09NKW
age
138
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/01/120x120/1_colunista_regina_teixeira_da_costa-31024791.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
4675
x-amz-id-2
CoMff3xJZADJ/V5cAV2uOzVbw4iie836nJYdSaZnF8G4UMDKFmTIgIHzgRvQyf5NXYrA5r4bp9g=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Thu, 02 Nov 2023 18:02:03 GMT
server
AmazonS3
etag
"3efed0aeb801ba6ce4b83a296fbe858c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
6357820 1836800
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
/
image.staticox.com/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.staticox.com/?url=https%3A%2F%2Fmidias.em.com.br%2F_midias%2Fjpg%2F2023%2F11%2F03%2F120x120%2F1_colunista_helvecio_carlos-31596533.jpg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c891 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070c65f53fe0f4614ba1508177431e8707bf9f4d0a4ede85c27a03d230a9b2ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2F%2FlDo0vFaP8wJOOCgYsBOyHwyqEHSmN5lqQj%2FWmiNMuydICL7Jogufk%2BIrkj9bgyX072RugpAI3G6BZpYET%2BL3ICk2dC3mrhAJlVrePeL8g%2FqF9e8gXwuJI%2B4t0sDvoS0ZiCflqJIlh2%2FhyrmSbLz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697cce2bd6a4bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
image.staticox.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.staticox.com/?url=https%3A%2F%2Fmidias.em.com.br%2F_midias%2Fjpg%2F2024%2F03%2F23%2Fefi2403p0001-35725359.jpg
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c891 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
776f580b85ba762bfcf46ebe934d867dda8d62d39e8773d93ec1f2414501e472

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2B5sgK1dUhJ7SsDez%2ByEoMWEJUpuTigaXNZJMsgXSLAm%2FypXmkwfGbIuWbI1ARYasxAMogLooWC%2FqfGn2jdZToUOaFHaXNr57RRe7yYCHMjUp3zu7XrqJcVP%2Ff2IGbgH7eyPXcWfceeBDRr64Zmg4oQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697cce2bd6b4bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
1_colunista_marcilio_de_moraes-31024430.jpg
midias.em.com.br/_midias/jpg/2023/11/01/120x120/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/01/120x120/1_colunista_marcilio_de_moraes-31024430.jpg?20231103103412?20231103103412
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0df0150b3a2c0a2e388ec9e067c75abebb80f6610d674b04772ec86825944a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/01/120x120/1_colunista_marcilio_de_moraes-31024430.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5BXE54RBR91SVW91
age
137
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/01/120x120/1_colunista_marcilio_de_moraes-31024430.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
4511
x-amz-id-2
rZwdaffcH0MlcYp7EaGs32cYc8i7Mu1w0HsNeAnCXVIzcImhrLfdvKCLvUeKRC7bj7A3Qp+8YCs=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 03 Nov 2023 13:34:42 GMT
server
AmazonS3
etag
"50b7bb41f4e5477281c7f6954c1854e4"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
6947132 6815886
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_fabrica_netzero-35724618.jpg
midias.em.com.br/_midias/jpg/2024/03/23/330x220/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/330x220/1_fabrica_netzero-35724618.jpg?20240323200611?20240323200611
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6481ebd6e6e43917bd1ab01dff100fc0dd19034b19f9176c8b495e5407645c5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/330x220/1_fabrica_netzero-35724618.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
KKEFAN7PAKBP70R8
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/330x220/1_fabrica_netzero-35724618.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
20665
x-amz-id-2
Rs1VwBW5h9OcmT8eyW2LBWfbAhrP7xK+XMQ3lOwFwHWZAh5IPifJJcBHRYgoW3wISGwU3sVBjx4=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 23:06:41 GMT
server
AmazonS3
etag
"c6e86a90add7a83eb556797b7643eb06"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
156241872
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_colunista_luiz_carlos_azedo-31024382.jpg
midias.em.com.br/_midias/jpg/2023/11/01/120x120/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/01/120x120/1_colunista_luiz_carlos_azedo-31024382.jpg?20231103093415?20231103093415
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03089497f2493071b7d29a09a82e118f75f33abb560c00b42253a17b3d52cb9c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/01/120x120/1_colunista_luiz_carlos_azedo-31024382.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5BX5AMQKM56KSPJM
age
138
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/01/120x120/1_colunista_luiz_carlos_azedo-31024382.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
5557
x-amz-id-2
/as5jiHy9jD8fX+sseXo7FVGxe7H/Fq8aSaYcNQwuW6ikz/oQAeH9cD5PlCDnacyl+rWM9BTWi0=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 03 Nov 2023 12:34:39 GMT
server
AmazonS3
etag
"d35ba877ab1e2331db7d0425c0b350ab"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
5439988 1836798
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_mauro_cid_depoimento-35724168.jpg
midias.em.com.br/_midias/jpg/2024/03/23/330x220/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2024/03/23/330x220/1_mauro_cid_depoimento-35724168.jpg?20240323192611?20240323192611
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.175.69 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7580c52e57f94ff723f1e01e171399ce0dc6df55d88499ce9971e5f277d6571
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:32 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2024/03/23/330x220/1_mauro_cid_depoimento-35724168.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
KKE7D02YTKHF6Y93
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2024/03/23/330x220/1_mauro_cid_depoimento-35724168.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
17934
x-amz-id-2
dnhhH49arRK1wlQJfQR5HJ+6LLnt9dioVKbVC6CTJoHTCzRzMVVNMTw3Fdmj3RVJ54jelhD3DpI=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 23 Mar 2024 22:14:25 GMT
server
AmazonS3
etag
"cffed4c5d4c9aef67b41a7ab4284f166"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
156667694
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
6558.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/6558.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/869/6558.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-82.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fb11d98e1bdff89b5556445e957f666a0f587cf7d7a4594a59ae6abbe23784c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 14:12:49 GMT
via
1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 14:08:17 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
3116085
etag
"5248bf0a7f3baeee972d8a24610584ba"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5844
x-amz-cf-id
HZ8WcSy6HeJ1eMqEuQZIg0lj1U5_o-udKwExIqLCzUYzCVI5OcQjOg==
p.php
stg.truvidplayer.com/ 		13 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=869&wid=6558&cb=2731.3381406002677&url=https%3A%2F%2Fem-br.diariodetocantins.com%2F
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/6558.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-18.yul62.r.cloudfront.net
Software
nginx /
Resource Hash
eb2e78e82066485dd62ad9e5f2f88b9d9877c6ed1a1fddfd724be899569ee31f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:33 GMT
content-encoding
gzip
via
1.1 0880eac0689b5b1cff547e39e0daa976.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://em-br.diariodetocantins.com
access-control-allow-credentials
true
x-amz-cf-id
24wLP-o_MRROxUoJfzvHyknEw_u5Ht6wFyGi59GeanK8t3L5aqqE-w==
analytics.js
www.google-analytics.com/ Frame 7BB6 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: barra.uai.com.br
URL: https://barra.uai.com.br/centralizador.html?origem=https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://barra.uai.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Mar 2024 13:55:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6750
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 24 Mar 2024 15:55:03 GMT
merriweather.woff2
em-br.diariodetocantins.com/static/fonts/ 		90 B
662 B 		Font
General
Check archive.org
Download Go to
Full URL
https://em-br.diariodetocantins.com/static/fonts/merriweather.woff2
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50f3109ece70eab3f8066fa0f2cb707f0e26e5cc3d2915ea35e8e9cdcb622eab

Request headers

Referer
https://em-br.diariodetocantins.com/
Origin
https://em-br.diariodetocantins.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nP3JF9UFTsT%2BukMqe9kUsRdbobpVSPFeAYdeNCnBScPjqc68pEE%2FUmnKiY%2Bb4Lb12Mo8xCOVA%2BWjoLN%2FgNtrGe2p09my8UKsTvvVI7%2Flf2I8n39EXTj17mtH3Z6lOi7UB5%2FlXoexWLFvySyLBti9NhogGk%2BvUfgail0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697cce928264bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		137 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1453300635124221&correlator=3926264226296046&eid=44809527%2C31082164%2C31082082&output=ldjh&gdfp_req=1&vrg=202403190101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x100%2C1190x250%7C750x200%7C728x90%7C970x90%7C970x250%7C980x250%7C990x100%2C336x280%7C300x250&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D30e4712c39b09385%3AT%3D1711295251%3ART%3D1711295251%3AS%3DALNI_MZuEPB11qPtvUeb2Ed3nAOuRC0yBg&gpic=UID%3D00000dd537c17569%3AT%3D1711295251%3ART%3D1711295251%3AS%3DALNI_Mb-GpcR9hA4sUQCHxggzLJqs0-v3Q&abxe=1&dt=1711295254009&lmt=1711295254&adxs=436%2C205%2C1146&adys=1110%2C359%2C1250&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&vis=1&psz=1600x-1%7C1334x-1%7C321x250&msz=1600x-1%7C1334x-1%7C321x0&fws=512%2C0%2C0&ohw=0%2C0%2C0&psts=AOrYGsloAFB6ZlbHlrly2yucGEfQNuvU987pjph9ppmOs41DBQPx2pymkIgbpuL7iwCyr97jh3j65P1xIwvAZ3KxAvg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1584523209.1711295252&ga_sid=1711295252&ga_hid=714421195&ga_fc=true&dlt=1711295251129&idt=422&prev_scp=identificador%3Dpublicidade-ancorads%26refresh%3D20%26implementado%3Ddinamico%26pos%3D1%26amznbid%3D2%26amznp%3D2%7Cidentificador%3Dpublicidade-rasgado-1%26refresh%3D30%26implementado%3Ddinamico%26pos%3D5%26amznbid%3D2%26amznp%3D2%7Cidentificador%3Dpublicidade-retangulo-1%26refresh%3D30%26implementado%3Ddinamico%26pos%3D6%26amznbid%3D2%26amznp%3D2&cust_params=unified_id%3D5007ac3f-ffe1-4058-99f1-840e3df9897a%26_type%3Dguest%26paywall%3Dtrue%26testeab%3D2%26resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cem-br%252Cdiariodetocantins%252Ccom%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%2520-%26tagsofpage%3Dnot%25C3%25ADcias%252Cminas%2520gereais%252Ceconomia%252Cpol%25C3%25ADtica%252Cnacional%252Cinternacional%252Cci%25C3%25AAncia%252Csa%25C3%25BAde%252Cloteria%252Cconcurso%252Cresultado%252Cestado%2520de%2520minas%26subtitleofpage%3DAcompanhe%2520as%2520%25C3%25BAltimas%2520not%25C3%25ADcias%2520e%2520fique%2520bem%2520informado%2520sobre%2520tudo%2520o%2520que%2520acontece%2520em%2520Minas%2520Gerais%252C%2520Brasil%2520e%2520no%2520mundo.%26reload%3D0&adks=596798238%2C2935826974%2C2804343735&frm=20&eo_id_str=ID%3Da7c429d4bdc5fbac%3AT%3D1711295251%3ART%3D1711295251%3AS%3DAA-AfjbroHEGM4IhwcxWsHtWqCYd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33baec5e3f5f93f3bdfd4e18403f591ae47a4f8ed91ac454552a4358a495f9fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26024
x-xss-protection
0
google-lineitem-id
6302913044,6611241021,6611241021
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138433652515,138466203675,138466203678
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60FF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 15:47:32 GMT
expires
Mon, 24 Mar 2025 15:47:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A4DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJuZZmhcZuRIVuHmWfQ4GcQZaNCwl-HCaSIQb41vT3HqLtyeeyMzlhBaCDq4A_WSeseI4mOYvKj666ijmuvGNrIL9KUXqc9eolj67jPVGj2b0CqDW9cNhWUCVlhs288Kh1e9kpajhyzTBQ240H3W-b0gto9v6BPb4bwuCASYVp4wmPICHQmyPPmduiYoEisvh2nQmvdTuGKwdOcpuk196iJsX88MNq97A0bWOQ6LH-XqxBKHTcPBWP-ne92iW1HmeNVijQXK8ie3hLq0fn3fc4QDM5h_roZw2Sr9Gjd4IARwiS66mMPAgltCyWwJjRjIeDnhNpzNKGyI5wmBxpTts9k2yux11u09yWMqjAPwNBl7je3VodoZH7D0-JTk5JpA&sai=AMfl-YShC2QjrTM8XOeNdwTO9ExErmK0wuMc90AFiocZZyEQ-BH9H0jDW9vMrZ-7UO1yL3oWnzSu5v9Z4cbCiGkWBRiO6L8TAda-msxq_5XWjzfZq1f63URTMESQ0mta3w&sig=Cg0ArKJSzL73pO7qedZuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240321/r20110914/ Frame A4DC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240321/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 00:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
53388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Apr 2024 00:57:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A4DC 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dda6f756be8f7be7e4e4d75c1448a6927e30f9585d0e1d9d3637febf950d235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29001
x-xss-protection
0
server
cafe
etag
101 / 19806 / 31082134 / config-hash: 14337009746000550812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 15:47:34 GMT
prebid.js
tags.denakop.com/ Frame A4DC 		323 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/prebid.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:34 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 03 Oct 2023 13:24:20 GMT
server
cloudflare
cf-polished
origSize=330936
etag
W/"651c1604-50cb8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
8697cceddcb84bd3-BUF
alt-svc
h3=":443"; ma=86400
em.com.br.js
tags.denakop.com/10303/ Frame A4DC 		256 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.denakop.com/10303/em.com.br.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc81170d83cd6e76d5f0be3a3a9ae75fa91d97ba40e4c88de97af90e7f49afca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:34 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 20 Mar 2024 14:03:32 GMT
server
cloudflare
etag
W/"65faecb4-40124"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
8697cceddcb94bd3-BUF
alt-svc
h3=":443"; ma=86400
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A4DC 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:01:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 16:01:11 GMT
container.html
40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D892 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 15:47:32 GMT
expires
Mon, 24 Mar 2025 15:47:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 60FF 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 03:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
215743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 22 Mar 2025 03:51:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240321/r20110914/ Frame 60FF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240321/r20110914/abg_lite_fy2021.js
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 00:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
53388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Apr 2024 00:57:46 GMT
adtag.js
iframe.fresh8.co/632c26106b5bf1001c945ada/ Frame 60FF 		2 KB
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag.js
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fd0 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e2d2782189dd696def76fe3f1b7d3b933dc132def4c4165357cfd90cbe6de239

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:34 GMT
content-encoding
gzip
cache-control
max-age=604800
x-f8-o
P
content-length
391
vary
Accept-Encoding
content-type
application/javascript
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 60FF 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:01:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 16:01:11 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D892 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 03:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
215743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 22 Mar 2025 03:51:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240321/r20110914/ Frame D892 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240321/r20110914/abg_lite_fy2021.js
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 00:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
53388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Apr 2024 00:57:46 GMT
adtag.js
iframe.fresh8.co/632c265f6b5bf1001c945d27/ Frame D892 		2 KB
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag.js
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fd0 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e2d2782189dd696def76fe3f1b7d3b933dc132def4c4165357cfd90cbe6de239

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
cache-control
max-age=604800
x-f8-o
P
content-length
391
vary
Accept-Encoding
content-type
application/javascript
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D892 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:01:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 16:01:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 60FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMP3v-HhmxpHEnxIH7Ji66k3IGUGTK-0UG7Egcg6IWaJjmdTNITUTANiceV1Ul97vtTQN3UxjGIUVuAEAbzZfaBbyYWmoiW9S-ZT7_cC5IMYwjXsh8_p0F2z4MY4weTjx0nqvM_z2LV4TW1qLxEIBGyS6avT7_JbzFnd6yqmIuSJzYEFCEwEtBzTLXZjGIsG8Qn2FU2j-pNu9Pk4o9F5Gc1JMtVSo6rNpv634IBTnlhblIV9JGFY5VkOKqpgypbD1b60lvvuFI-LiP_fCrIX6Mg07wIai_nmQYozh0BAQWmj31HVp9li5zMRICftPIFecofON_bPgGmSkS5z2SG9sgQ3OVl7EZVoJvPjn4ag2uvXA9eaZnXmfilOCOCTm4XScdHoE&sai=AMfl-YSqkoFWNi7B2RFHMCpHucjIB-ywtF_8j9RGDo5R0evXRmFn9vOk_-Dt-yRuHTyAkwwDhahEQl8Frc5B0R2bZRPrtzk0xPVsuhLHo9-n3a9_iwcI-zfy4hqzbd3cxQ&sig=Cg0ArKJSzPRE89JQ8x_kEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adtag
iframe.fresh8.co/632c26106b5bf1001c945ada/ Frame 78C3 		33 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuwfUV-ee15NE2Qc316CDg3cD55fBRZRGVQ5NrVWLIhon6Yt3-g8KhbEkP-pq-0qE4g4ZkDZWUfZQvgkaZLieEiF0su30sFtuqut_Zswv-ahpW1qSXAu_gG-dxTCtN3O7F3Hb2HFkbYKmdzUkIGYT0rLAtppDIl_H1H2OuO0zKWJAah2dO16YxfboFzft_4bHw9yRNr4Iiw0zhOc5pgJQ-IHeBpzWbGLyf1HDvxX10PQPJ94f89EKsQDyH3heeFJM4UoY675eCpZs8BH11jDekUY7HuX5hTRmcxfnVdyJI3vRYpfF65G5F8u09Y8O2U1F5bGZo6gYMkirDjWWNOjMUjHgQ0jfbba-szZaUucMIe_qAmlGDjLWzY9UIIfAFgKOJs20l5zw%2526sai%253DAMfl-YTVmpDt39v1AFHqY3emoyAobzvXJsImWrhAEg8gn01U9s4cVj7yGCCXUD6PdtJJf5wqShTghJq6MmxWmgaRi3pkfTg0uWY7ULMIZn4BJu0o29sUDv9QUQyKvHMHiw%2526sig%253DCg0ArKJSzLsejBIxemFaEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=2105070999&
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fd0 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
abd5b04b87749553ad040760f546215716530f853754ee74cea0c6908dd85b48

Request headers

Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
accept,accept-encoding,content-type,cache-control
access-control-allow-origin
*
access-control-max-age
8400
cache-control
max-age=300
content-encoding
gzip
content-length
7174
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 15:47:34 GMT
etag
"554b2be7b802e532be95c9ca0c23454d80563bc7ed474359d17154705b820ab9"
vary
Accept-Encoding
x-f8-o
P
truncated
/ Frame A4DC 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
131a82cec43bcc1f2dad42cd1dc302635aa60607cafa4d841f1140f2ce6cec60

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D892 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt5gAQd2uJwt1VKpG_VFAo-yRIfVBM2ZjCkLBaY1WKaWImc16Jdru9SYyMjy_dRthtoqCxYQNe5NKsB8Pyawp552B55_eiCq0VD2eNbZDOh3qqCyHRCsWS_GJTTNUrHWNZUrpuUBGn2Z23lIhg8-_GeqXwmApc0-PMdlsIHWAsmEum6K-uI9BTyLmM3THO8fcwalLgz94J7G1GHf2z1nDRnm0OsdBtY2QeaY6jlSwYsaC3wBhqRZRUbXE4UY8bV5UwYG78WGX6n9ozbOBYvd7x-V6MjX77TCkbxak7BQSTSQK7D5DX9qb3wfKE2KQ3UtC3WEF_XecFBnuItFc8jZrdw_xOr4Y_mN5IEuo-GV9jBxcSK_lYVV0GmVvo0D1x_tORukc&sai=AMfl-YRoB95iY9voBv12VD36x5lm8o2aGo1W0qTk7EqHSvbjdnBgTp0sv0JI6X8Ge_yqU4qRNOZh50jr8gzVw8S_G_oqSOeXOfD3lG4JdNPtYFo0Y_xTu305dVyBekHCXg&sig=Cg0ArKJSzBO8mWnmhZiUEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adtag
iframe.fresh8.co/632c265f6b5bf1001c945d27/ Frame 2E61 		33 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
Requested by
Host: 40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
URL: https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fd0 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c183d591522f9e4c05c59ec790f2fdb4e7a0d628951f22cfbd3f2bda6fc7a56a

Request headers

Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
accept,accept-encoding,content-type,cache-control
access-control-allow-origin
*
access-control-max-age
8400
cache-control
max-age=300
content-encoding
gzip
content-length
7177
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 15:47:34 GMT
etag
"11102e2335de3277e70ea0a28c2c07fb80563bc7ed474359d17154705b820ab9"
vary
Accept-Encoding
x-f8-o
P
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/ Frame A4DC 		439 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082134
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df9592b48b705333bf1569635691c5cac45c37b62b12e6d0ac21f85d4bb5254b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 10:32:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18911
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141349
x-xss-protection
0
server
cafe
etag
11472626096978793655
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 24 Mar 2025 10:32:23 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame A4DC 		72 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=em-br.diariodetocantins.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fae95fc957c1950e1e0e498f631e05fec5ded2799231088f7f477c0417a79c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55
x-xss-protection
0
expires
Sun, 24 Mar 2024 15:47:34 GMT
js
www.googletagmanager.com/gtag/ Frame A4DC 		121 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=undefined
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10303/em.com.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae32bc027827e9e655fc96772fa09bd7e184af22e9f2ef5cde2e5228da239191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47850
x-xss-protection
0
last-modified
Sun, 24 Mar 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Mar 2024 15:47:34 GMT
api.gif
tags.denakop.com/ Frame A4DC 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10303&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fem-br.diariodetocantins.com%2F&t=1711295254847&cb=0.8801996771453442&at=html
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:34 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
8697cceeed1b4bd3-BUF
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 60FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuueLUr-QOlUqd2wPUHZVakQdqtXtRKMJD9orhdaFAU-CIgqAnPRSHWidYF7hKHBOzBqTAzz1QOh7j_AI6FwxQ5GEsI5zupCsRqZC_muYRwA6xNGQS-Tv_IZ6t-U4AxZpYH9GNK1ganeH6PbxKkRFvJpSETqpcnmWn7nCPKIGjjS_5V-hAfATEYILy5qL0kGftQizLpfK2RgZYAsfoCVLjQuFWB-JTqlrKuy47rpEKNbnvNF93YnXCVcwCVjON7T-CkbhsBlUZp95z5wETxvbh64HgrNk1G9hsEN3ZFpU-YzORFGXyNFPwnkDEbvfImLGXpEDMaQgCvNC_OOTi9Epd3DjgACxp7kSKXvnvDAhViSWhT1Xd17Kq_gZ5zB7IT4l1yjSoApQ&sai=AMfl-YRt8p6HNurU29S7zeRvH5vx5nd0eFZFRd9qh49o9d7P7FPEdaSck56PRAKyQEaav7rI1jMaX3qvLk-yH9vB2SRbiAjUBticwWarOdH21qcrbWPGpS-xZBly5A1G4A&sig=Cg0ArKJSzOGaaBOLwCSxEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Mar 2024 15:47:34 GMT
truncated
/ Frame 60FF 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f9455831cfb110ca7efef69049605177d56cf15dbe8a709cef889f4f33f5cb8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A4DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszKOMgFQIuVfDTJPCQRk3xgj-mbcgNdmPycrCfip5UiwIJTFPWoemyYzuWjOLZhvRJI9pwmms_xWuWSRZJ3ZMUGdVT9y7IPafNqyCAoqfjDE6lJWMMpLTX7zwUbbaDb0Oy9e55jsCLmkzoNB3z-Us7vrwKv6Fo5t87j3ZbANYSXXbugqSwtI_ogSq6X70HKsTugL-F8KFoN94m1xM8g8Es17azsU5n6KZUTC19QSwxoCkfQY_3aKEu-X5xa4LuJ2vINtCNtghiEdSfaKObpTR9teo35VM3Mja-6DFLNWFPwT2HO5bxkMlHl4odASo4XDC2RbRa413LjZxqaHBLJ9LEgT4e-ZU57elJfAc6LlX0JVbrRC_G3jlLouAQHtycbB6y&sai=AMfl-YQqh6RxlJeVsmxKXRRCh5nGgscO6PHL0_maX4bX4NPHS7rhGnU2pMVZMQUt0JPrnxYxZagrRfxBJSDc1hz2KClyYdQBBiT7LMzszB87xJyMzB2orYOD7XCtqz01Zw&sig=Cg0ArKJSzK7aZkU_poLuEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Mar 2024 15:47:35 GMT
/
iframe.fresh8.co/ Frame 2E61 		19 B
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iframe.fresh8.co/
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fd0 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
cache-control
max-age=300
x-content-type-options
nosniff
content-length
19
x-f8-o
P
content-type
text/plain; charset=utf-8
index-ndbj3Kth.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		292 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c87a08f17156f9e78bab36efa1ea991c3161a34402b5455c604af86cbae0dd23

Request headers

Referer
https://iframe.fresh8.co/
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpmbd3vW7JfYpWMA3cVa3dU7hKkSRkLzYUyYZeWB8MuVImnFAdXc367pKxU_X6cEWj2clJYQqwvJg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
88175
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"4afde48e680c555569e0a6059d57efd7"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098257180
x-goog-hash
crc32c=DxMmEw==, md5=Sv3kjmgMVVVp4KYFnVfv1w==
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
88175
accept-ranges
bytes
/
iframe.fresh8.co/ Frame 78C3 		19 B
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iframe.fresh8.co/
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuwfUV-ee15NE2Qc316CDg3cD55fBRZRGVQ5NrVWLIhon6Yt3-g8KhbEkP-pq-0qE4g4ZkDZWUfZQvgkaZLieEiF0su30sFtuqut_Zswv-ahpW1qSXAu_gG-dxTCtN3O7F3Hb2HFkbYKmdzUkIGYT0rLAtppDIl_H1H2OuO0zKWJAah2dO16YxfboFzft_4bHw9yRNr4Iiw0zhOc5pgJQ-IHeBpzWbGLyf1HDvxX10PQPJ94f89EKsQDyH3heeFJM4UoY675eCpZs8BH11jDekUY7HuX5hTRmcxfnVdyJI3vRYpfF65G5F8u09Y8O2U1F5bGZo6gYMkirDjWWNOjMUjHgQ0jfbba-szZaUucMIe_qAmlGDjLWzY9UIIfAFgKOJs20l5zw%2526sai%253DAMfl-YTVmpDt39v1AFHqY3emoyAobzvXJsImWrhAEg8gn01U9s4cVj7yGCCXUD6PdtJJf5wqShTghJq6MmxWmgaRi3pkfTg0uWY7ULMIZn4BJu0o29sUDv9QUQyKvHMHiw%2526sig%253DCg0ArKJSzLsejBIxemFaEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=2105070999&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fd0 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuwfUV-ee15NE2Qc316CDg3cD55fBRZRGVQ5NrVWLIhon6Yt3-g8KhbEkP-pq-0qE4g4ZkDZWUfZQvgkaZLieEiF0su30sFtuqut_Zswv-ahpW1qSXAu_gG-dxTCtN3O7F3Hb2HFkbYKmdzUkIGYT0rLAtppDIl_H1H2OuO0zKWJAah2dO16YxfboFzft_4bHw9yRNr4Iiw0zhOc5pgJQ-IHeBpzWbGLyf1HDvxX10PQPJ94f89EKsQDyH3heeFJM4UoY675eCpZs8BH11jDekUY7HuX5hTRmcxfnVdyJI3vRYpfF65G5F8u09Y8O2U1F5bGZo6gYMkirDjWWNOjMUjHgQ0jfbba-szZaUucMIe_qAmlGDjLWzY9UIIfAFgKOJs20l5zw%2526sai%253DAMfl-YTVmpDt39v1AFHqY3emoyAobzvXJsImWrhAEg8gn01U9s4cVj7yGCCXUD6PdtJJf5wqShTghJq6MmxWmgaRi3pkfTg0uWY7ULMIZn4BJu0o29sUDv9QUQyKvHMHiw%2526sig%253DCg0ArKJSzLsejBIxemFaEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=2105070999&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
cache-control
max-age=300
x-content-type-options
nosniff
content-length
19
x-f8-o
P
content-type
text/plain; charset=utf-8
index-ndbj3Kth.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		292 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuwfUV-ee15NE2Qc316CDg3cD55fBRZRGVQ5NrVWLIhon6Yt3-g8KhbEkP-pq-0qE4g4ZkDZWUfZQvgkaZLieEiF0su30sFtuqut_Zswv-ahpW1qSXAu_gG-dxTCtN3O7F3Hb2HFkbYKmdzUkIGYT0rLAtppDIl_H1H2OuO0zKWJAah2dO16YxfboFzft_4bHw9yRNr4Iiw0zhOc5pgJQ-IHeBpzWbGLyf1HDvxX10PQPJ94f89EKsQDyH3heeFJM4UoY675eCpZs8BH11jDekUY7HuX5hTRmcxfnVdyJI3vRYpfF65G5F8u09Y8O2U1F5bGZo6gYMkirDjWWNOjMUjHgQ0jfbba-szZaUucMIe_qAmlGDjLWzY9UIIfAFgKOJs20l5zw%2526sai%253DAMfl-YTVmpDt39v1AFHqY3emoyAobzvXJsImWrhAEg8gn01U9s4cVj7yGCCXUD6PdtJJf5wqShTghJq6MmxWmgaRi3pkfTg0uWY7ULMIZn4BJu0o29sUDv9QUQyKvHMHiw%2526sig%253DCg0ArKJSzLsejBIxemFaEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=2105070999&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c87a08f17156f9e78bab36efa1ea991c3161a34402b5455c604af86cbae0dd23

Request headers

Referer
https://iframe.fresh8.co/
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpmbd3vW7JfYpWMA3cVa3dU7hKkSRkLzYUyYZeWB8MuVImnFAdXc367pKxU_X6cEWj2clJYQqwvJg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
88175
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"4afde48e680c555569e0a6059d57efd7"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098257180
x-goog-hash
crc32c=DxMmEw==, md5=Sv3kjmgMVVVp4KYFnVfv1w==
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
88175
accept-ranges
bytes
t3m.js
tags.t.tailtarget.com/ Frame A4DC 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-11382-4/CT-1249
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10303/em.com.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 13:59:42 GMT
content-encoding
gzip
via
1.1 google
age
6473
x-guploader-uploadid
ABPtcPpWpvH_6dZZ_j2cg0jzbga4AtS_j493wPMq8OeV1RvrX9eSktlbK3RmHWGVNBfeImOtqQFtbc0FXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6184
last-modified
Thu, 19 Dec 2019 17:12:55 GMT
server
nginx/1.8.1
etag
"0aa924c986b60c68345be2b644a237df"
vary
Accept-Encoding
x-goog-generation
1576775575233105
x-goog-hash
md5=CqkkyYa2DGg0W+K2RKI33w==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
6184
accept-ranges
bytes
expires
Sun, 24 Mar 2024 15:59:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D892 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLnp31VuZBLzKT2ev4xIjfDevaFA9lJvxDtdX5NnaJw64dyqBRqjEiN5USgeqHo-HAgoOwatoPmKHCGcIvHlmhMsiX1tDFyux4YTJbFLIndOJiwfZ6dyEjFvjwM1ep_nKQA2bYvKjTrAz2SFKERbJ0Ip9nFgObF6aALq8IwXHKCvGIgoUQT489qsX5T3HTxDh__c5turIq9T7NDW-hxcpWhw-VfRF2MtFLBVFJrv6N44MqszlzpC-bOo9GRZHIChCh81fP2buIsZERJY1gFeRAmzjCBkq7fey-ZBXw9iC9aNB1AF8KvQCWkZD_1CiezYjNa_CEOm5iPbUhjgaB3zHs4K7xUP1znG-7P-aeEzfrxBaLV7GkKu6ZkqbXZwUQPbWgdUxVkw&sai=AMfl-YRX6ThnlY-c6ErlvJqQDHaGdlR5DIrzy6b1kaR7T-Yn-MSaWE63P1vGbKo-Aiz_dNMmsQHfPLk6F5L6sU5-f878ywr4-BMvgI59tyR_xxO45XB_LclR0R6jWma6Iw&sig=Cg0ArKJSzGZ3Yvf0tb_qEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Mar 2024 15:47:35 GMT
truncated
/ Frame D892 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
420def68a35653f8009b07b594b9c88d6d6474108e9b1b961df299096e98a621

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
conversion.js
d.tailtarget.com/ Frame A4DC 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 23:05:57 GMT
content-encoding
gzip
age
60098
x-guploader-uploadid
ABPtcPqJQ6tqd9qQvj_SFEu8-FrlSjl0yrhidNMNYEX3m-1s2YDdsoED41qdS6eS6RRvWNF1C2Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6116
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash
crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation
1694696370171925
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6116
accept-ranges
bytes
expires
Sun, 24 Mar 2024 23:05:57 GMT
base.js
d.tailtarget.com/ Frame A4DC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 18:46:25 GMT
content-encoding
gzip
age
75670
x-guploader-uploadid
ABPtcPrAQBAQFe7sqSCQ8fcuC7naD2m0CtNc2lbEs_48CkbXsK6GKaM0WTaF-668J3EUvxQTM-uVvyebLA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash
crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation
1694696370056280
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8334
accept-ranges
bytes
expires
Sun, 24 Mar 2024 18:46:25 GMT
u
b.t.tailtarget.com/ Frame A4DC 		76 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
42e97cc2c131430efbb534733d333afdfa9d42d4afbf104b390fc33582674b98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Wrapper-TppbZLai.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		1009 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Wrapper-TppbZLai.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
33ea3ff30af93fca3f063ad30a95a2da37837b05eaa338cbe958d9644954840c

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrurZTp51s2JCYcxWSOohEA6R59IDu16dq3omX7rV40KnPWhsXhOrwJMcW4Sy9fXcdkrrI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
611
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"cc308ed52cb14701b3bb0ec3d9e1306b"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098727331
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=JzxLqA==, md5=zDCO1SyxRwGzuw7D2eEwaw==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
611
accept-ranges
bytes
Header-CSmha52H.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Header-CSmha52H.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
da67035c47f6707d4b7f47f93685d28a61c95c9b70e7d108f219dbb5c78c7462

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPofLyHSkpPxovsIJZaVXI_IBFcO3ypRnAE8iWXPZv4zcX5VjmpXxvj3sf3k84sXgc3M1NkKXSW6Mg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1371
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"f8d75654f60d6361c336b18428505c4f"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097855904
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=aCF8qA==, md5=+NdWVPYNY2HDNrGEKFBcTw==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1371
accept-ranges
bytes
Content-Td-3SE3P.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Content-Td-3SE3P.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
12d68f611c8abbe09a5419771e510002d1849a719baef072aed77623bd4d0713

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpElVNxLVwCfyqE3IdYSY5f7S1IrHQklzVLfYKmRVIm6jHGUtmLB59QlMP_uiq6tPwa55U
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
6927
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"2448f6a1b309cb2273babe42e138d5c9"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097459753
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=kXgUkA==, md5=JEj2obMJyyJzur5C4TjVyQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
6927
accept-ranges
bytes
language-gnt1lE1O.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/language-gnt1lE1O.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1048535d9c170ccc4db87a47e58891f73fba5199dbf27c2a70ca9541cb414d69

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrzoT9ZfKod8Lr2-ptAVGVqJ-09u8C8HtGYkwmhsm5imeDSvjGJkqbZzlSW0P6blyBpUnlHJKTM4A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
594
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"bcd2a5e4c5719d6f38b026b04712c9ca"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098338381
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=tRiRaw==, md5=vNKl5MVxnW84sCawRxLJyg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
594
accept-ranges
bytes
DynamicText-Of1YJKhH.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/DynamicText-Of1YJKhH.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d9f2d54aa580b8242e573f2e770ef6e00acd94dbd54940719caeda6766239bc4

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoawBuLXOI-zR2enXF0hkGdeLOxH9YL5nXuYScZW1kTIZ1Gi3PciE2h2fiMJqSCF0zWJtk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
597
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"a0b0bdb32d1e7487f3a439611d82725c"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097024188
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=XQwPuA==, md5=oLC9sy0edIfzpDlhHYJyXA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
597
accept-ranges
bytes
Text-788BtYJw.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Text-788BtYJw.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
966cc9687d9abc069ee02eb26a541d09ecb7cbb96d7992277f9ff3780050dbac

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpr_e1ZsMyeHn_J1ghLDNbn2L3FvEn56PHW6mBTb1NVfnwqrFbtqgS32p17azw4Pw-iO7g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
888
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"d3af938bc77bcc0ae15915065bf73948"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097569362
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=scxSxw==, md5=06+Ti8d7zArhWRUGW/c5SA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
888
accept-ranges
bytes
ButtonTransition-Nnn9ms_5.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/ButtonTransition-Nnn9ms_5.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9720afb6acf0f61d5e5f8a324763584fbd83d8804047470e9b7b3581c29d6db3

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpjqVmnM_0C-1ueWlyS7ok9-EOytZaYoXZrUtjAIQABKOenkHid1CrlS3NpxOokgnqGy5lnXkh3KA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1842
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"4e08bd1b16688d23ab2f555225244770"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097671079
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=qPUESg==, md5=Tgi9GxZojSOrL1VSJSRHcA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1842
accept-ranges
bytes
TextFormatter-9X-wWJUR.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/TextFormatter-9X-wWJUR.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
119e7ba2e439d798a843bf6d04bd01a12571bc3650733f2a87b505578172bd3a

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPq5C-EQjroZpRqUQEq-j9oawaV0sJ4RBRcx-Dn9EQ44cr8f8Hs_92ts5hHydN9Nw4y_SDmoG5E9Xg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1019
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"1cf535b17bd304f320b7c0c91e18f170"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097305457
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=GMOM/A==, md5=HPU1sXvTBPMgt8DJHhjxcA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1019
accept-ranges
bytes
Marquee-RgRN4J1g.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Marquee-RgRN4J1g.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4971658c3ec37475adb14c8869cfe6e257634c74a2c67a8a7cbba924a4f297f6

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPp_r7NW5prHIQp7GiqlG2h_Ohhyw5V5b51o8YWBa8ItgpL8Ybuv69rlHqUL7GeKavPqmAY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
716
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"61d46be01e9feb973e4fafc677fecf1e"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098102975
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=HJTIlg==, md5=YdRr4B6f65c+T6/Gd/7PHg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
716
accept-ranges
bytes
formatText-ZKrr6VWO.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		296 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/formatText-ZKrr6VWO.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
43ff112059cd884805cd316dd3a01a3142d6d286d911a19b5c8cb8914c956ab5

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrI6ibmdTlJ5gfJOCHMmO_30FT6s_hI5t7CFJkrdWekPTiO4A2CphZsD56n-8yh4Ppejl60niNBGQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
235
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"bdd3e9e4e8105788f7ef987c3e5119b6"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098708829
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=KZFOrw==, md5=vdPp5OgQV4j375h8PlEZtg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
235
accept-ranges
bytes
teamBranding-uZtPBgy3.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/teamBranding-uZtPBgy3.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7e7960ac4c0efd6920c3919d9ad82adbdb1eb5ad214390edc71e83df63f8bf79

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrPX4J50RMa-5UKXhBTkMoO-wVNd0K9JMApDR7eWPCZ8ucttYgL39irUMDYIS6xCZSjOp0c9koG4g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4228
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"8289756790a7e8856fc10b4043dd7dca"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097097442
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=qQBSUA==, md5=gol1Z5Cn6IVvwQtAQ919yg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
4228
accept-ranges
bytes
usePromoOption-pXfg38GQ.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		313 B
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/usePromoOption-pXfg38GQ.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8048e9cabfad8c3f2060fd2c9330f4c6f373bf90c63bb34a3411b68c7848352a

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPot0GozP8DfD82SHXihbz7fpr5c-6CqsrIPEp_HuAa0WUpGM40S-urktdAQVqhh2vXZty-gyz8eoQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
244
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"1e12a5f884db5b75077c78435186a4b4"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098805196
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=E7NXsw==, md5=HhKl+ITbW3UHfHhDUYaktA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
244
accept-ranges
bytes
marketCardProps-Nd3TlCWH.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		266 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/marketCardProps-Nd3TlCWH.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95fb5b99552ff356c40de7ea9860cbd971e5863db367de64c3e3d767785abfa1

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqEc_BYk_jWNdy3WrmWEf9x4CulWCyzKvIda2pjCjTwiafxcZvdiepKeTQGC9pwLo3KbpsoyHU7sA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
155
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"631deb0c7578d50c901ecc9b6ed8971d"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097441021
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=q10zLA==, md5=Yx3rDHV41QyQHsybbtiXHQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
155
accept-ranges
bytes
SkeletonCard-SAPcUy1H.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/SkeletonCard-SAPcUy1H.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9d775e2a88b250e5c40b804a7a9211b9b14e48d2147a1339e0ae58c5ee1e5f00

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpcU8hsBOYuY7G8c4BGEjPIWSiF8d3KSvN5hbhe-qMaZZF4FI69NYUd0KGsTbFh0UZQV1A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
707
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"70e5124ca151f0c97a2cee2a6d42a9a8"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097686031
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=j/ON2w==, md5=cOUSTKFR8Ml6LO4qbUKpqA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
707
accept-ranges
bytes
MarketCard-a_WyozLJ.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		856 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/MarketCard-a_WyozLJ.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d34d6527cf2592c5c68c466b05f88cedb816e5388bbd94f91cc1b363e88a486

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqxCsxC7hmFEJbZQ92uoV29pOeFmy57UrLUYY8xKa3vqBIlfocKqGMtaI4ZwMu9Bt1zFD0hH6Z-2Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
544
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"a81c3fc332ca12212d59f96af5d19b71"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098002029
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=falebg==, md5=qBw/wzLKEiEtWflq9dGbcQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
544
accept-ranges
bytes
HeaderOffer-7sG7o5tq.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/HeaderOffer-7sG7o5tq.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b642056cf0cf51774defbb6aa1893b05b95b4471e279c82e62b79c1eba35ad5f

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqmACxy0p7xXUTB2SuJdBJIVlE9vpFT8D8gLNdCsXKGd9Q83dVfibU_Kan4VnX8CUixPgN0T81dkg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
896
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"4c4f9888323b68370758c4b78317780c"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097502972
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=KTWZdA==, md5=TE+YiDI7aDcHWMS3gxd4DA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
896
accept-ranges
bytes
useCtaButton-u9Ps0DzF.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		257 B
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/useCtaButton-u9Ps0DzF.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b4d504a62ddcb6b8cb45f9e97f633785f802c42b99923d61a344ca2097cf538c

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpQFyEPte0vqi5ttz_SBbfaS7Wa3d63ra6Y9SS43dpURPAoSf6jep-fCfp4E2UpLmwlL74
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
218
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"94633be7a7fea1a8c7a670b9a624cfa5"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097495001
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=HLVsDA==, md5=lGM756f+oajHpnC5piTPpQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
218
accept-ranges
bytes
61545b205b0298001ae45587_1706612422998_e3oXYSwohb_SckUr7GS_billboard.jpg
console-user-assets-cdn.fresh8.co/ Frame 2E61 		7 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://console-user-assets-cdn.fresh8.co/61545b205b0298001ae45587_1706612422998_e3oXYSwohb_SckUr7GS_billboard.jpg
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fe3 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0ee16d4f8cebd58a71d0477af74f3141737950674a467e0bc5d8bdd8f857220c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iframe.fresh8.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrQOflBNvrlJ_ldFyWE14zrq1BfV1Uuv6atI1Bk_lbiMMr2CmEnzeCsF5JE8l2jP8YpX1M
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
725
last-modified
Tue, 30 Jan 2024 11:00:23 GMT
etag
"8d7b47553f4a83abd0731b4bfa2ff223"
x-f8-o
P
vary
Accept-Encoding
x-goog-generation
1706612423455950
content-type
application/octet-stream
x-goog-hash
crc32c=bPIktw==, md5=jXtHVT9Kg6vQcxtL+i/yIw==
cache-control
public, max-age=2592000
x-goog-stored-content-length
7208
accept-ranges
bytes
b
b.t.tailtarget.com/ Frame A4DC 		151 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-11382-4&tY=1&tR=https://em-br.diariodetocantins.com/&tS=1&tU=0100007F144B0066AD066F53027E7B31&tX=b.52&tZ=198466623&env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
2f947700bce47f2f15db7abcb3b52d8a69062f8ea4c3d52207f0cd6423b539ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
prg.smartadserver.com/prebid/ Frame A4DC 		0
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.113 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:35 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://em-br.diariodetocantins.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame A4DC 		138 B
836 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
254ec55745b8adc7fce5964af7c33e25f719e33f172c1dc8d01455a670a9d8ab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:35 GMT
an-x-request-uuid
9c5d4136-7857-4013-b1ae-53cd1bc0b5de
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.246.195; 96.9.246.195; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A4DC 		390 B
934 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10303,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fem-br.diariodetocantins.com%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em-br.diariodetocantins.com&tg_i.page=https%3A%2F%2Fem-br.diariodetocantins.com%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=6175873694a083&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7722840238077362
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d1c164f10819733bde7e54d5aa996a8f0a1b71ad4d35a9756f72970b93bb0b28

Request headers

Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
390
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame A4DC 		50 B
746 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:35 GMT
an-x-request-uuid
2de4fe18-3ad7-4a86-b365-85c6bac7bafd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.246.195; 96.9.246.195; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
50
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
cpm.denakop.com/ Frame A4DC 		0
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpm.denakop.com/hb?zone=166141&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://em-br.diariodetocantins.com
Date
Sun, 24 Mar 2024 15:47:35 GMT
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
close
Content-Length
0
bids
prebid-us.creativecdn.com/bidder/prebid/ Frame A4DC 		0
190 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://em-br.diariodetocantins.com
date
Sun, 24 Mar 2024 15:47:35 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ Frame A4DC 		15 B
424 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://em-br.diariodetocantins.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
/
prebid.smilewanted.com/ Frame A4DC 		0
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
private, must-revalidate
access-control-allow-credentials
true
cf-ray
8697ccf2ae6b4bd3-BUF
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
-1
Wrapper-26oJysTi.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Wrapper-26oJysTi.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2eedc54012ca45285834679c6d356d19a899566b6287b307531b434126666ae5

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPp-2E0V4T-AUdD6i3jFAWsfSDpPpSYlZM1A815F8NeBpBeLl2vygKgZ44iHokleTDguCg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
802
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"00db97bb2f81393b2a61337c9df1ea16"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098569288
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=An+Plw==, md5=ANuXuy+BOTsqYTN8nfHqFg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
802
accept-ranges
bytes
Header-CSmha52H.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Header-CSmha52H.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
da67035c47f6707d4b7f47f93685d28a61c95c9b70e7d108f219dbb5c78c7462

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPofLyHSkpPxovsIJZaVXI_IBFcO3ypRnAE8iWXPZv4zcX5VjmpXxvj3sf3k84sXgc3M1NkKXSW6Mg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1371
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"f8d75654f60d6361c336b18428505c4f"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097855904
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=aCF8qA==, md5=+NdWVPYNY2HDNrGEKFBcTw==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1371
accept-ranges
bytes
Content-Td-3SE3P.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Content-Td-3SE3P.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
12d68f611c8abbe09a5419771e510002d1849a719baef072aed77623bd4d0713

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpElVNxLVwCfyqE3IdYSY5f7S1IrHQklzVLfYKmRVIm6jHGUtmLB59QlMP_uiq6tPwa55U
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
6927
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"2448f6a1b309cb2273babe42e138d5c9"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097459753
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=kXgUkA==, md5=JEj2obMJyyJzur5C4TjVyQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
6927
accept-ranges
bytes
language-gnt1lE1O.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/language-gnt1lE1O.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1048535d9c170ccc4db87a47e58891f73fba5199dbf27c2a70ca9541cb414d69

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrzoT9ZfKod8Lr2-ptAVGVqJ-09u8C8HtGYkwmhsm5imeDSvjGJkqbZzlSW0P6blyBpUnlHJKTM4A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
594
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"bcd2a5e4c5719d6f38b026b04712c9ca"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098338381
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=tRiRaw==, md5=vNKl5MVxnW84sCawRxLJyg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
594
accept-ranges
bytes
DynamicText-Of1YJKhH.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/DynamicText-Of1YJKhH.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d9f2d54aa580b8242e573f2e770ef6e00acd94dbd54940719caeda6766239bc4

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoawBuLXOI-zR2enXF0hkGdeLOxH9YL5nXuYScZW1kTIZ1Gi3PciE2h2fiMJqSCF0zWJtk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
597
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"a0b0bdb32d1e7487f3a439611d82725c"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097024188
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=XQwPuA==, md5=oLC9sy0edIfzpDlhHYJyXA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
597
accept-ranges
bytes
Text-788BtYJw.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Text-788BtYJw.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
966cc9687d9abc069ee02eb26a541d09ecb7cbb96d7992277f9ff3780050dbac

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpr_e1ZsMyeHn_J1ghLDNbn2L3FvEn56PHW6mBTb1NVfnwqrFbtqgS32p17azw4Pw-iO7g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
888
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"d3af938bc77bcc0ae15915065bf73948"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097569362
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=scxSxw==, md5=06+Ti8d7zArhWRUGW/c5SA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
888
accept-ranges
bytes
ButtonTransition-Nnn9ms_5.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/ButtonTransition-Nnn9ms_5.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9720afb6acf0f61d5e5f8a324763584fbd83d8804047470e9b7b3581c29d6db3

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpjqVmnM_0C-1ueWlyS7ok9-EOytZaYoXZrUtjAIQABKOenkHid1CrlS3NpxOokgnqGy5lnXkh3KA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1842
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"4e08bd1b16688d23ab2f555225244770"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097671079
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=qPUESg==, md5=Tgi9GxZojSOrL1VSJSRHcA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1842
accept-ranges
bytes
TextFormatter-9X-wWJUR.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/TextFormatter-9X-wWJUR.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
119e7ba2e439d798a843bf6d04bd01a12571bc3650733f2a87b505578172bd3a

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPq5C-EQjroZpRqUQEq-j9oawaV0sJ4RBRcx-Dn9EQ44cr8f8Hs_92ts5hHydN9Nw4y_SDmoG5E9Xg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1019
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"1cf535b17bd304f320b7c0c91e18f170"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097305457
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=GMOM/A==, md5=HPU1sXvTBPMgt8DJHhjxcA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1019
accept-ranges
bytes
Marquee-RgRN4J1g.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Marquee-RgRN4J1g.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4971658c3ec37475adb14c8869cfe6e257634c74a2c67a8a7cbba924a4f297f6

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPp_r7NW5prHIQp7GiqlG2h_Ohhyw5V5b51o8YWBa8ItgpL8Ybuv69rlHqUL7GeKavPqmAY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
716
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"61d46be01e9feb973e4fafc677fecf1e"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098102975
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=HJTIlg==, md5=YdRr4B6f65c+T6/Gd/7PHg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
716
accept-ranges
bytes
formatText-ZKrr6VWO.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		296 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/formatText-ZKrr6VWO.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
43ff112059cd884805cd316dd3a01a3142d6d286d911a19b5c8cb8914c956ab5

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrI6ibmdTlJ5gfJOCHMmO_30FT6s_hI5t7CFJkrdWekPTiO4A2CphZsD56n-8yh4Ppejl60niNBGQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
235
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"bdd3e9e4e8105788f7ef987c3e5119b6"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098708829
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=KZFOrw==, md5=vdPp5OgQV4j375h8PlEZtg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
235
accept-ranges
bytes
teamBranding-uZtPBgy3.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/teamBranding-uZtPBgy3.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7e7960ac4c0efd6920c3919d9ad82adbdb1eb5ad214390edc71e83df63f8bf79

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrPX4J50RMa-5UKXhBTkMoO-wVNd0K9JMApDR7eWPCZ8ucttYgL39irUMDYIS6xCZSjOp0c9koG4g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4228
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"8289756790a7e8856fc10b4043dd7dca"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097097442
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=qQBSUA==, md5=gol1Z5Cn6IVvwQtAQ919yg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
4228
accept-ranges
bytes
usePromoOption-pXfg38GQ.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		313 B
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/usePromoOption-pXfg38GQ.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8048e9cabfad8c3f2060fd2c9330f4c6f373bf90c63bb34a3411b68c7848352a

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPot0GozP8DfD82SHXihbz7fpr5c-6CqsrIPEp_HuAa0WUpGM40S-urktdAQVqhh2vXZty-gyz8eoQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
244
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"1e12a5f884db5b75077c78435186a4b4"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098805196
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=E7NXsw==, md5=HhKl+ITbW3UHfHhDUYaktA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
244
accept-ranges
bytes
marketCardProps-Nd3TlCWH.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		266 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/marketCardProps-Nd3TlCWH.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95fb5b99552ff356c40de7ea9860cbd971e5863db367de64c3e3d767785abfa1

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqEc_BYk_jWNdy3WrmWEf9x4CulWCyzKvIda2pjCjTwiafxcZvdiepKeTQGC9pwLo3KbpsoyHU7sA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
155
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"631deb0c7578d50c901ecc9b6ed8971d"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097441021
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=q10zLA==, md5=Yx3rDHV41QyQHsybbtiXHQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
155
accept-ranges
bytes
SkeletonCard-SAPcUy1H.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/SkeletonCard-SAPcUy1H.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9d775e2a88b250e5c40b804a7a9211b9b14e48d2147a1339e0ae58c5ee1e5f00

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpcU8hsBOYuY7G8c4BGEjPIWSiF8d3KSvN5hbhe-qMaZZF4FI69NYUd0KGsTbFh0UZQV1A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
707
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"70e5124ca151f0c97a2cee2a6d42a9a8"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097686031
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=j/ON2w==, md5=cOUSTKFR8Ml6LO4qbUKpqA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
707
accept-ranges
bytes
MarketCard-a_WyozLJ.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		856 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/MarketCard-a_WyozLJ.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d34d6527cf2592c5c68c466b05f88cedb816e5388bbd94f91cc1b363e88a486

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqxCsxC7hmFEJbZQ92uoV29pOeFmy57UrLUYY8xKa3vqBIlfocKqGMtaI4ZwMu9Bt1zFD0hH6Z-2Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
544
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"a81c3fc332ca12212d59f96af5d19b71"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098002029
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=falebg==, md5=qBw/wzLKEiEtWflq9dGbcQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
544
accept-ranges
bytes
HeaderOffer-7sG7o5tq.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/HeaderOffer-7sG7o5tq.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b642056cf0cf51774defbb6aa1893b05b95b4471e279c82e62b79c1eba35ad5f

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqmACxy0p7xXUTB2SuJdBJIVlE9vpFT8D8gLNdCsXKGd9Q83dVfibU_Kan4VnX8CUixPgN0T81dkg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
896
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"4c4f9888323b68370758c4b78317780c"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097502972
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=KTWZdA==, md5=TE+YiDI7aDcHWMS3gxd4DA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
896
accept-ranges
bytes
useCtaButton-u9Ps0DzF.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		257 B
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/useCtaButton-u9Ps0DzF.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b4d504a62ddcb6b8cb45f9e97f633785f802c42b99923d61a344ca2097cf538c

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpQFyEPte0vqi5ttz_SBbfaS7Wa3d63ra6Y9SS43dpURPAoSf6jep-fCfp4E2UpLmwlL74
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
218
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"94633be7a7fea1a8c7a670b9a624cfa5"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097495001
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=HLVsDA==, md5=lGM756f+oajHpnC5piTPpQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
218
accept-ranges
bytes
FooterCarouselDots-ZHeuVEMP.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/FooterCarouselDots-ZHeuVEMP.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
25d7c7de1c8c832e2e42e2881c3bd34f9129e19171e78d96e82d3fac79b6eac3

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPr2zsjE_yDI8tIOjoILCs914IHXDjwxKYI_yx7EqLUc9Ar1_Zzo33fDanLyt-XNFpTKwbng4XEfGA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1028
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"62ab37836f5460158d236e1e558b737e"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098680780
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=iEXJ2w==, md5=Yqs3g29UYBWNI24eVYtzfg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1028
accept-ranges
bytes
61545b205b0298001ae45587_1706612422999_WKZZ2Tg_y8_zpAftg43_betssontest.jpg
console-user-assets-cdn.fresh8.co/ Frame 78C3 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://console-user-assets-cdn.fresh8.co/61545b205b0298001ae45587_1706612422999_WKZZ2Tg_y8_zpAftg43_betssontest.jpg
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuwfUV-ee15NE2Qc316CDg3cD55fBRZRGVQ5NrVWLIhon6Yt3-g8KhbEkP-pq-0qE4g4ZkDZWUfZQvgkaZLieEiF0su30sFtuqut_Zswv-ahpW1qSXAu_gG-dxTCtN3O7F3Hb2HFkbYKmdzUkIGYT0rLAtppDIl_H1H2OuO0zKWJAah2dO16YxfboFzft_4bHw9yRNr4Iiw0zhOc5pgJQ-IHeBpzWbGLyf1HDvxX10PQPJ94f89EKsQDyH3heeFJM4UoY675eCpZs8BH11jDekUY7HuX5hTRmcxfnVdyJI3vRYpfF65G5F8u09Y8O2U1F5bGZo6gYMkirDjWWNOjMUjHgQ0jfbba-szZaUucMIe_qAmlGDjLWzY9UIIfAFgKOJs20l5zw%2526sai%253DAMfl-YTVmpDt39v1AFHqY3emoyAobzvXJsImWrhAEg8gn01U9s4cVj7yGCCXUD6PdtJJf5wqShTghJq6MmxWmgaRi3pkfTg0uWY7ULMIZn4BJu0o29sUDv9QUQyKvHMHiw%2526sig%253DCg0ArKJSzLsejBIxemFaEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=2105070999&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fe3 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ec78cc246d8596168c3b7aa105e237d33f7abceee650f236cc186319e371a0d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iframe.fresh8.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrdSAod2Hi5svpMMs6wtHLs7075P9fpwr7v4AiYw2Thu-SY2Oh7VaImvpfeCg_M8FiMbnU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
690
last-modified
Tue, 30 Jan 2024 11:00:23 GMT
etag
"666ad1f7794bbc67bae1ffc658e031b8"
x-f8-o
P
vary
Accept-Encoding
x-goog-generation
1706612423521176
content-type
application/octet-stream
x-goog-hash
crc32c=XkMT3g==, md5=ZmrR93lLvGe64f/GWOAxuA==
cache-control
public, max-age=2592000
x-goog-stored-content-length
2787
accept-ranges
bytes
ca
tt-11382-4.seg.t.tailtarget.com/ Frame A4DC 		83 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-11382-4.seg.t.tailtarget.com/ca?tZ=463474283&env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
eec75800b899771a514fd93bc6e6cbd7e7e0063fcd1b711f75329360371a9527

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apostas-esportivas
www.betsson.com/br/ Frame 100F
Redirect Chain
  • https://record.betsson.com/_fcyyClJ_zrxrQFtIwXgbW2Nd7ZgqdRLk/65/
  • https://www.betsson.com/br/apostas-esportivas?from=h_YD3EAcVQ4ScGzzG6TeX2Nd7ZgqdRLk-AD0971356814&affcode=AD0971356814&utm_medium=Affiliate&utm_source=10690583
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.betsson.com/br/apostas-esportivas?from=h_YD3EAcVQ4ScGzzG6TeX2Nd7ZgqdRLk-AD0971356814&affcode=AD0971356814&utm_medium=Affiliate&utm_source=10690583
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-48.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.betssongroupaffiliates.com *.ptstaging.eu *.onegameslink.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://iframe.fresh8.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
558
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
content-encoding
br
content-length
189857
content-security-policy
frame-ancestors 'self' *.betssongroupaffiliates.com *.ptstaging.eu *.onegameslink.com
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 15:38:58 GMT
etag
W/"2e5a1-5JTPRDdTHF/2K9pb56QQTSsfRFs"
expires
-1
last-modified
Sun, 24 Mar 2024 15:07:25 GMT
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains
vary
X-OBG-Country-Code,X-OBG-BOT
via
1.1 ae7bbb23871eba9dda7f1abdc6bacfa0.cloudfront.net (CloudFront)
x-amz-cf-id
kPDbOsreLShFmpsI6e3wHDxzx-4X8sIGUl6GRHqio5P9jTIwmQ8gAQ==
x-amz-cf-pop
YUL62-C2
x-cache
Hit from cloudfront
x-frame-options
SAMEORIGIN

Redirect headers

access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate Cache-Control: no-cache
cf-cache-status
BYPASS
cf-ray
8697ccf398063a0a-YYZ
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 15:47:35 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://www.betsson.com/br/apostas-esportivas?from=h_YD3EAcVQ4ScGzzG6TeX2Nd7ZgqdRLk-AD0971356814&affcode=AD0971356814&utm_medium=Affiliate&utm_source=10690583
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
ZBan
/
clickstream.fresh8.co/e/ Frame 2E61 		2 B
55 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://clickstream.fresh8.co/e/
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.196.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.196.117.34.bc.googleusercontent.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://iframe.fresh8.co/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
via
1.1 google
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://iframe.fresh8.co
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Carousel-feiffrYC.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Carousel-feiffrYC.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b5e1caf366ac7384626ff09d991e1fdfee19c9a2a37f49645874a31572efb455

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpcDkGZoUS2Hzr-gSiR8w3QSyjQq5s-JYje-f4mtHQUPQJ3LXLdVGG90wo_o8r8knQvNC4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
10117
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"86ec2074dd81f05ec60195d429d83c83"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098765691
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=dU38lg==, md5=huwgdN2B8F7GAZXUKdg8gw==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
10117
accept-ranges
bytes
useAutoScroll-Sbc2rOaP.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		868 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/useAutoScroll-Sbc2rOaP.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b2290d3ab562554a5cea7eef43ede6aea8a5186662ec67be34c1bc04ec7cf04b

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrCLvi00TmAdYjJooXklBHQ_fYtkL-hpTHMxpCs2Om6rpPMuxU8Ql9Aprk4TEygsQsoQZRZwKKwCg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
503
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"1a3712b37b16c86a41e4cfeb7e32c15b"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098414270
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=zI5brQ==, md5=GjcSs3sWyGpB5M/rfjLBWw==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
503
accept-ranges
bytes
Lato-Bold-latin.woff2
cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/ Frame 2E61 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/Lato-Bold-latin.woff2
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fda Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5

Request headers

Referer
https://iframe.fresh8.co/
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1704724398
x-guploader-uploadid
ABPtcPrEU2uZnZh2ztojoXCOjf_h2-zAuVLgCFuvdJxSRQNWRUE1e_0_g0-foLCIE1SyycpTzi_AATvdPg
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
14156
last-modified
Mon, 08 Jan 2024 14:33:35 GMT
etag
"017598645bcc882a3610effe171c2ca3"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1704724415945319
content-type
application/octet-stream
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=XLhLrg==, md5=AXWYZFvMiCo2EO/+Fxwsow==
cache-control
public, max-age=2592000
x-goog-stored-content-length
14168
accept-ranges
bytes
Lato-Regular-latin.woff2
cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/ Frame 2E61 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/Lato-Regular-latin.woff2
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fda Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0

Request headers

Referer
https://iframe.fresh8.co/
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1704724398
x-guploader-uploadid
ABPtcPqFGYXFMPAfzTWiCDRuRr4_Vv3e7WGKLYtFfzE_XzGu7unnHuQiuVAPBUNrdHfWy4YkrlFqen98Tw
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
13990
last-modified
Mon, 08 Jan 2024 14:33:49 GMT
etag
"b7d6b48d8d12946dc808ff39aed6c460"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1704724429379481
content-type
application/octet-stream
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=ffZpvA==, md5=t9a0jY0SlG3ICP85rtbEYA==
cache-control
public, max-age=2592000
x-goog-stored-content-length
13980
accept-ranges
bytes
61545b205b0298001ae45587_1706773587555_VGo2VqhJis_623da236494540001bac64b3_1692171574318_l0n8F-BBqa_betsson-logo.svg
console-user-assets-cdn.fresh8.co/ Frame 2E61 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://console-user-assets-cdn.fresh8.co/61545b205b0298001ae45587_1706773587555_VGo2VqhJis_623da236494540001bac64b3_1692171574318_l0n8F-BBqa_betsson-logo.svg
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fe3 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c25072ff8d6ffbc3642e582046db7019008394ad48329b2fad35dfd8e26fab17

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iframe.fresh8.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqO-Tris8xtfMo4f2nZ6ZnndgRymSxPcAsfsMdA5c7EFiqAZO_aGUf9k222vgW1Wcn0AKY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
2417
last-modified
Thu, 01 Feb 2024 07:46:27 GMT
etag
"d11d43f4ae3f6126c81df23d5f762504"
x-f8-o
P
vary
Accept-Encoding
x-goog-generation
1706773587938867
content-type
image/svg+xml
x-goog-hash
crc32c=tB0ZAw==, md5=0R1D9K4/YSbIHfI9X3YlBA==
cache-control
public, max-age=2592000
x-goog-stored-content-length
6606
accept-ranges
bytes
apostas-esportivas
www.betsson.com/br/ Frame 22F1
Redirect Chain
  • https://record.betsson.com/_fcyyClJ_zrxrQFtIwXgbW2Nd7ZgqdRLk/65/
  • https://www.betsson.com/br/apostas-esportivas?from=h_YD3EAcVQ6jwNHOmFhywmNd7ZgqdRLk-AD0971356814&affcode=AD0971356814&utm_medium=Affiliate&utm_source=10690583
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.betsson.com/br/apostas-esportivas?from=h_YD3EAcVQ6jwNHOmFhywmNd7ZgqdRLk-AD0971356814&affcode=AD0971356814&utm_medium=Affiliate&utm_source=10690583
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-48.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.betssongroupaffiliates.com *.ptstaging.eu *.onegameslink.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://iframe.fresh8.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
558
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
content-encoding
br
content-length
189857
content-security-policy
frame-ancestors 'self' *.betssongroupaffiliates.com *.ptstaging.eu *.onegameslink.com
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 15:38:58 GMT
etag
W/"2e5a1-5JTPRDdTHF/2K9pb56QQTSsfRFs"
expires
-1
last-modified
Sun, 24 Mar 2024 15:07:25 GMT
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains
vary
X-OBG-Country-Code,X-OBG-BOT
via
1.1 ae7bbb23871eba9dda7f1abdc6bacfa0.cloudfront.net (CloudFront)
x-amz-cf-id
coUi0S6Re2RmJgSqVPfzgRyb440nwvjMsPeIK3R7jHQ6uJH5z46Uhw==
x-amz-cf-pop
YUL62-C2
x-cache
Hit from cloudfront
x-frame-options
SAMEORIGIN

Redirect headers

access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate Cache-Control: no-cache
cf-cache-status
BYPASS
cf-ray
8697ccf398083a0a-YYZ
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 15:47:35 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://www.betsson.com/br/apostas-esportivas?from=h_YD3EAcVQ6jwNHOmFhywmNd7ZgqdRLk-AD0971356814&affcode=AD0971356814&utm_medium=Affiliate&utm_source=10690583
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
ZBan
/
clickstream.fresh8.co/e/ Frame 78C3 		2 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://clickstream.fresh8.co/e/
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.196.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.196.117.34.bc.googleusercontent.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://iframe.fresh8.co/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
via
1.1 google
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://iframe.fresh8.co
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Carousel-feiffrYC.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Carousel-feiffrYC.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b5e1caf366ac7384626ff09d991e1fdfee19c9a2a37f49645874a31572efb455

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpcDkGZoUS2Hzr-gSiR8w3QSyjQq5s-JYje-f4mtHQUPQJ3LXLdVGG90wo_o8r8knQvNC4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
10117
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"86ec2074dd81f05ec60195d429d83c83"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098765691
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=dU38lg==, md5=huwgdN2B8F7GAZXUKdg8gw==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
10117
accept-ranges
bytes
useAutoScroll-Sbc2rOaP.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		868 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/useAutoScroll-Sbc2rOaP.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b2290d3ab562554a5cea7eef43ede6aea8a5186662ec67be34c1bc04ec7cf04b

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrCLvi00TmAdYjJooXklBHQ_fYtkL-hpTHMxpCs2Om6rpPMuxU8Ql9Aprk4TEygsQsoQZRZwKKwCg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
503
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"1a3712b37b16c86a41e4cfeb7e32c15b"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098414270
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=zI5brQ==, md5=GjcSs3sWyGpB5M/rfjLBWw==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
503
accept-ranges
bytes
Lato-Bold-latin.woff2
cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/ Frame 78C3 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/Lato-Bold-latin.woff2
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuwfUV-ee15NE2Qc316CDg3cD55fBRZRGVQ5NrVWLIhon6Yt3-g8KhbEkP-pq-0qE4g4ZkDZWUfZQvgkaZLieEiF0su30sFtuqut_Zswv-ahpW1qSXAu_gG-dxTCtN3O7F3Hb2HFkbYKmdzUkIGYT0rLAtppDIl_H1H2OuO0zKWJAah2dO16YxfboFzft_4bHw9yRNr4Iiw0zhOc5pgJQ-IHeBpzWbGLyf1HDvxX10PQPJ94f89EKsQDyH3heeFJM4UoY675eCpZs8BH11jDekUY7HuX5hTRmcxfnVdyJI3vRYpfF65G5F8u09Y8O2U1F5bGZo6gYMkirDjWWNOjMUjHgQ0jfbba-szZaUucMIe_qAmlGDjLWzY9UIIfAFgKOJs20l5zw%2526sai%253DAMfl-YTVmpDt39v1AFHqY3emoyAobzvXJsImWrhAEg8gn01U9s4cVj7yGCCXUD6PdtJJf5wqShTghJq6MmxWmgaRi3pkfTg0uWY7ULMIZn4BJu0o29sUDv9QUQyKvHMHiw%2526sig%253DCg0ArKJSzLsejBIxemFaEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=2105070999&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fda Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5

Request headers

Referer
https://iframe.fresh8.co/
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1704724398
x-guploader-uploadid
ABPtcPrEU2uZnZh2ztojoXCOjf_h2-zAuVLgCFuvdJxSRQNWRUE1e_0_g0-foLCIE1SyycpTzi_AATvdPg
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
14156
last-modified
Mon, 08 Jan 2024 14:33:35 GMT
etag
"017598645bcc882a3610effe171c2ca3"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1704724415945319
content-type
application/octet-stream
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=XLhLrg==, md5=AXWYZFvMiCo2EO/+Fxwsow==
cache-control
public, max-age=2592000
x-goog-stored-content-length
14168
accept-ranges
bytes
Lato-Regular-latin.woff2
cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/ Frame 78C3 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/Lato-Regular-latin.woff2
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuwfUV-ee15NE2Qc316CDg3cD55fBRZRGVQ5NrVWLIhon6Yt3-g8KhbEkP-pq-0qE4g4ZkDZWUfZQvgkaZLieEiF0su30sFtuqut_Zswv-ahpW1qSXAu_gG-dxTCtN3O7F3Hb2HFkbYKmdzUkIGYT0rLAtppDIl_H1H2OuO0zKWJAah2dO16YxfboFzft_4bHw9yRNr4Iiw0zhOc5pgJQ-IHeBpzWbGLyf1HDvxX10PQPJ94f89EKsQDyH3heeFJM4UoY675eCpZs8BH11jDekUY7HuX5hTRmcxfnVdyJI3vRYpfF65G5F8u09Y8O2U1F5bGZo6gYMkirDjWWNOjMUjHgQ0jfbba-szZaUucMIe_qAmlGDjLWzY9UIIfAFgKOJs20l5zw%2526sai%253DAMfl-YTVmpDt39v1AFHqY3emoyAobzvXJsImWrhAEg8gn01U9s4cVj7yGCCXUD6PdtJJf5wqShTghJq6MmxWmgaRi3pkfTg0uWY7ULMIZn4BJu0o29sUDv9QUQyKvHMHiw%2526sig%253DCg0ArKJSzLsejBIxemFaEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=2105070999&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fda Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0

Request headers

Referer
https://iframe.fresh8.co/
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1704724398
x-guploader-uploadid
ABPtcPqFGYXFMPAfzTWiCDRuRr4_Vv3e7WGKLYtFfzE_XzGu7unnHuQiuVAPBUNrdHfWy4YkrlFqen98Tw
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
13990
last-modified
Mon, 08 Jan 2024 14:33:49 GMT
etag
"b7d6b48d8d12946dc808ff39aed6c460"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1704724429379481
content-type
application/octet-stream
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=ffZpvA==, md5=t9a0jY0SlG3ICP85rtbEYA==
cache-control
public, max-age=2592000
x-goog-stored-content-length
13980
accept-ranges
bytes
61545b205b0298001ae45587_1706773587555_VGo2VqhJis_623da236494540001bac64b3_1692171574318_l0n8F-BBqa_betsson-logo.svg
console-user-assets-cdn.fresh8.co/ Frame 78C3 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://console-user-assets-cdn.fresh8.co/61545b205b0298001ae45587_1706773587555_VGo2VqhJis_623da236494540001bac64b3_1692171574318_l0n8F-BBqa_betsson-logo.svg
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fe3 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c25072ff8d6ffbc3642e582046db7019008394ad48329b2fad35dfd8e26fab17

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iframe.fresh8.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqO-Tris8xtfMo4f2nZ6ZnndgRymSxPcAsfsMdA5c7EFiqAZO_aGUf9k222vgW1Wcn0AKY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
2417
last-modified
Thu, 01 Feb 2024 07:46:27 GMT
etag
"d11d43f4ae3f6126c81df23d5f762504"
x-f8-o
P
vary
Accept-Encoding
x-goog-generation
1706773587938867
content-type
image/svg+xml
x-goog-hash
crc32c=tB0ZAw==, md5=0R1D9K4/YSbIHfI9X3YlBA==
cache-control
public, max-age=2592000
x-goog-stored-content-length
6606
accept-ranges
bytes
WrapperBadges-hCO7Rmnn.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/WrapperBadges-hCO7Rmnn.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6b9fba8637bed100516f5021601598181117640b4a5307eba93c3d325364d55a

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqOCJfy_5ZTSGxIqwh82F2vFZ0xHiIEfvZSQ5sEpIbLncKqvkuzbEg90026zvZqOuavt6n6esRYGg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1670
last-modified
Tue, 12 Mar 2024 09:18:19 GMT
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-hash
crc32c=Cl9Uug==, md5=EQQdBYrFx7zt/X/qxFKkLA==
x-goog-generation
1710235099013436
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1678
accept-ranges
none
OfferWrapper-n0VusjZ2.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/OfferWrapper-n0VusjZ2.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9eecadc86d32845f447cf5062cf12a3aa95d0f14d7197223a0b306a45fc96470

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoErnS03Dm3xwfkalUDUzhWXWXuY9Cif8f_m8ztI05YJmySGV-jr30g7iHPhbQoWj_gPBdww6Zymg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
943
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"9bc46e18898fc47ce5aa9267d996a62a"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098596702
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=19DVAQ==, md5=m8RuGImPxHzlqpJn2ZamKg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
943
accept-ranges
bytes
__tt.gif
t.tailtarget.com/ Frame A4DC 		43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-11382-4&tE=0&tF=&tI=_buffalo_new%20york_us_1711295255375_1611265731&tJ=&tU=0100007F144B0066AD066F53027E7B31&tX=b.52&tY=1&tZ=6043188
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
WrapperBadges-hCO7Rmnn.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/WrapperBadges-hCO7Rmnn.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6b9fba8637bed100516f5021601598181117640b4a5307eba93c3d325364d55a

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqOCJfy_5ZTSGxIqwh82F2vFZ0xHiIEfvZSQ5sEpIbLncKqvkuzbEg90026zvZqOuavt6n6esRYGg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1670
last-modified
Tue, 12 Mar 2024 09:18:19 GMT
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-hash
crc32c=Cl9Uug==, md5=EQQdBYrFx7zt/X/qxFKkLA==
x-goog-generation
1710235099013436
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1678
accept-ranges
none
OfferWrapper-n0VusjZ2.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/OfferWrapper-n0VusjZ2.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9eecadc86d32845f447cf5062cf12a3aa95d0f14d7197223a0b306a45fc96470

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoErnS03Dm3xwfkalUDUzhWXWXuY9Cif8f_m8ztI05YJmySGV-jr30g7iHPhbQoWj_gPBdww6Zymg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
943
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"9bc46e18898fc47ce5aa9267d996a62a"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098596702
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=19DVAQ==, md5=m8RuGImPxHzlqpJn2ZamKg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
943
accept-ranges
bytes
MPUOffer-rBgvWLW9.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/MPUOffer-rBgvWLW9.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2882a46915c964d7d21b92d5ccc6125edb2dc4f6c2d0a976b10ef09eeee08162

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqyny4qlETJzWJFgbzfCDGPEy1OLonORVASpX7wyR87Z3nTKBj4ssohOgdNtteX3xL21R2roGtSFw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1377
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"da13c297af868a9cf3ae6e542c5ce37c"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097411602
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=4gQPtw==, md5=2hPCl6+Gipzzrm5ULFzjfA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1377
accept-ranges
bytes
OfferTransition.vue_vue_type_script_setup_true_lang-La9rqncj.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/OfferTransition.vue_vue_type_script_setup_true_lang-La9rqncj.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3ea5e6d848497ec2f851caf2a20b3b548e24bbfb9eb365306a0db6c560b22bce

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoclkksoIg47nu8WzKLgGwVbIfl_XaWHNZDuBhrKBMYkiQ3Luu38S7XIGO__Qhz0XLO9lE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
2302
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"c6ce26deab2a20c4f4d8ddec3e68b68c"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098106455
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=ZHbKuA==, md5=xs4m3qsqIMT02N3sPmi2jA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
2302
accept-ranges
bytes
FontFillText-UgbmkGYW.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/FontFillText-UgbmkGYW.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f99d6e1a5a562436be4258e45efb14e82767e532149f83855ff8d826e03af49

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpkMb5r6A6-251YUeCOvgx3jC1HHNCwWZjGDtyaC3FTdlJjgmxrj5jgIiOIPaRsNyZo_NZhuBWNAA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
5487
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"5ec85732a0e5bbcae7080dd19a25ab35"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097990049
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=EhI3AA==, md5=XshXMqDlu8rnCA3RmiWrNQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
5487
accept-ranges
bytes
MPU_List--WOLJaPc.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/MPU_List--WOLJaPc.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
847868b2c2cf1a6ffca0353dcb6f7c4816382455a64dd89d0a7d0274ce299970

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoOEpFMDOxrkT1AeAoxghW8DOoPbrcuNZMxXqzBK0zFS71zW-z-450AIKHskOT8idOAUdo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1569
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"4d222cd62fed3ed0ed5141bab32b1cc3"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097424038
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=D199YQ==, md5=TSIs1i/tPtDtUUG6syscww==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1569
accept-ranges
bytes
ListOption-GYouLJPA.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/ListOption-GYouLJPA.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e05f3e7de53284e3ddcd2762922492c8a8c67387ca6cddec1feb57412796cb3e

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPq3KdsSlDTrkPspelUlgBeJAM-s0aAeuMocpY5TX3vQVnbSQAblh52E_NlHIETvLulkmysqYcsT2Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
3206
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-hash
crc32c=lFzXJQ==, md5=lHjpfrW1rKKj+d4MjM3j4g==
x-goog-generation
1710235098328405
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
3219
accept-ranges
none
Lock--COGD48t.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		654 B
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Lock--COGD48t.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d0afe0e845c29c1b4e93c7af516e320351631ab0c69f611f2ddf1ae9525c6ea

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPr0LfqP8tS5kk-GiK96YYJzdaladRcEoelU6ZMyELikwY-Lds5YMl_cpoqAggzZ4Eyz0IDZNXR8Hw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
436
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"59170ea421d1fd1af86d5905a167cec4"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097915085
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=iVN04Q==, md5=WRcOpCHR/Rr4bVkFoWfOxA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
436
accept-ranges
bytes
index-QKAFYrtF.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		263 B
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/index-QKAFYrtF.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9d933a41dcfce4d3b09116d22b65a170807bb5009508f537942b841e6b1c26e6

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPp62Hwmv4uvBumF7kPU-IX1HQEhqtxTrZkW3gyPdiPzjB_dB6HRKrrFMxB9tl4OPqlWlKiiCr4RbA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
225
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"85ca7703fa0f099331ff5d42986a4e68"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097035988
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=Hmbz/Q==, md5=hcp3A/oPCZMx/11CmGpOaA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
225
accept-ranges
bytes
DynamicEventBanner.vue_vue_type_script_setup_true_lang-pzPsTOhH.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/DynamicEventBanner.vue_vue_type_script_setup_true_lang-pzPsTOhH.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
87aea15a85916f617ff5293dff7b46b1da669a28c1c0e69b9f36fd1a6cb7aceb

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqK-HtS-YFnha69WWsbfrWSh8bXCYJmmW_RULo4VcFPRshZVbUHrO0aPQNHNHVZ9UjUgzsprBEQ9w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1652
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"8bde3d956ce6b420fbed8bf552735fd2"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098632965
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=3XCi8Q==, md5=i949lWzmtCD77Yv1UnNf0g==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1652
accept-ranges
bytes
CompetitorsBadges-X8iQzPK3.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/CompetitorsBadges-X8iQzPK3.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
71d886787a2dc09f325d2a8c1f6a506322609263b328aa338f12e8748cf996c7

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrsbAMJHU0i2MboFVbX94SPvHF9nQkPDO8HkKPwYbOIp4RjKLypRoc5mm4rWqy5pyt6RQcbeSlv3Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
2301
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"edb8acf19342ca7e3456a2f04e52dbbb"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098434856
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=AsE9BQ==, md5=7bis8ZNCyn40VqLwTlLbuw==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
2301
accept-ranges
bytes
TeamBanner-2-090dya.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/TeamBanner-2-090dya.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ea27726e855e1e7eea8c1ea3b4602215a3f7429ef2afbb052dd373e8212c4526

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpIw0r47rqdrVoDi2hCWEx6K7A-9nRl5LTZZhOK3hcS0bf9k7_o_Sm-0OiOuRn_bedrvb0w7usQXQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1872
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"92bf4b2f29fdf98f8d8b4d64c188a5e6"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098031880
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=tUBfaQ==, md5=kr9LLyn9+Y+Ni01kwYil5g==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1872
accept-ranges
bytes
TeamIcon.vue_vue_type_script_setup_true_lang-YsgXqtQQ.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/TeamIcon.vue_vue_type_script_setup_true_lang-YsgXqtQQ.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af223bf3fdb102b3aceed245c35e888934b30283745fbbfd81ccba5fe72a1b10

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqGH3wItD3NugCmWvXM6sQTDF_YeEl2_wJY7h1J4LQutc3Ea1udaCVlF9a_LQvHe0bcUBAg8qQQCw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1207
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"0df2b1a6cca56d44f8b8edeccd5b1b5e"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098609454
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=K0UDDQ==, md5=DfKxpsylbUT4uO3szVsbXg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1207
accept-ranges
bytes
TeamBannerText-JjspUThj.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/TeamBannerText-JjspUThj.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7b527d957565c3d6e7cbc08b04b0a7ec9ade14534b75476e982a98c6eba28546

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqHHAuaBWd26g7mLRB77zkhHQodA0OKd-UeUNZo2cnUBmNvljWKJl2dgcsCyqnSKPyO8KTqNYPdXQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
658
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"cd39a4978fadc24122b16c6b77a41dbb"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097078495
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=E8eZIw==, md5=zTmkl4+twkEisWxrd6Qduw==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
658
accept-ranges
bytes
TeamVersusIcon-RGQCnzJ2.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/TeamVersusIcon-RGQCnzJ2.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
72fdf730872df4a59d7a755549f6d4c66dcb1d375858a2c835ede1c4da01fcc2

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqfiKA7VkRjNCm7TWjprtPxjpK_YP9WP3uf9p-Vb4wOT-GP8RjUcXy42Lp4a1aNrQDcQvw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1290
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"1d5a5da40f33d9d659dbe7870bece4fd"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097689821
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=eVgUOw==, md5=HVpdpA8z2dZZ2+eHC+zk/Q==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1290
accept-ranges
bytes
MarketName-ApeuWNVD.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/MarketName-ApeuWNVD.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b6c7cd871f51cbad33d73513bca0c4dbf96bf1da60050825299d963873a9edd7

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqMEBGdUmvKSgQw-HyEWY5SBTO8QeSOMlajFEiHZni8C3htiqosEGxZHxuBKIJ1pKNyuIp1M5zGZQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
646
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"1ba1e80d3560657758c1117f1c234b21"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098013738
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=X+rdIg==, md5=G6HoDTVgZXdYwRF/HCNLIQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
646
accept-ranges
bytes
CardHeader-W33Urold.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/CardHeader-W33Urold.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
04eeb0b5222c635717d1469f02018af2f30e5e0df81cbe6a3d977234f0df9c9c

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqYU2EOW783DsQmPpuJCl7scw1hHbdi5xogXS4e6KoozGdCXGX_Q8_QzZEpcT6cd3G3uB8mv_Ihdw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1178
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"4d1a43895bc6f4d93b67d46ca5016be1"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097976694
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=cpSLeQ==, md5=TRpDiVvG9Nk7Z9RspQFr4Q==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1178
accept-ranges
bytes
Live-rkiKwpin.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		1022 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Live-rkiKwpin.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b72ae57956280a1bd4c6eac8f6ef4df8c51f9ed4652e0ba63f7fef04640118e9

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpheLHaKML-yjtgioEJnHUW7sJcUCn56RiXbRDko-V1c9j6gnRxNpUjRwHU_vwOcQp__YHcyxIB6g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
619
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"611ff975976ee78472a6c45d8fb10e3a"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097104331
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=algikQ==, md5=YR/5dZdu54RypsRdj7EOOg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
619
accept-ranges
bytes
formatDate-pS5elLpA.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		1 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/formatDate-pS5elLpA.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
aa2fc370492adb23ac0c6b60b2283ef99aa27ff0a79c9452bb2a967b6d3f8950

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrpXLw-OlAOXiu0iEQvdGctiABCiYC9i97dJgzsiO3ihJ2_8n_raVtpBN0mdx1Eps0Ip7jcrfzYSg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
521
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"852deb54546945ec6e52932793b1b150"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098695918
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=UxS6+w==, md5=hS3rVFRpRexuUpMnk7GxUA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
521
accept-ranges
bytes
FixtureDate-2_RKk5-I.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		598 B
872 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/FixtureDate-2_RKk5-I.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c78a890f8af17762c061219c48d8838e61aca591473fc490db82e7a01e57c23a

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpg74HFnGPhBrIUzf-BORn_bPcb07XiVIzhztTbOUTID70DD6zkZovvNwIajNm2e4RpADU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
389
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"bdb66158a85ac6f3a0917a215e1fd3d1"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097410466
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=MpAhNA==, md5=vbZhWKhaxvOgkXohXh/T0Q==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
389
accept-ranges
bytes
FixtureSport-ObdL19TE.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		600 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/FixtureSport-ObdL19TE.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
895a0f2379ad5bacea2c38beb6f402996d6a2ee026fefe9ab234a9e764a88f98

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPp12iLrD4rK2hfTMr9dW1lwB9SsrOL2HdWY_DHpIrR7lk7_-FYN9Ljozqap21u69lPpZ7U
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
394
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"129b08f391a7c3b74464011eeea6106e"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097648325
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=Gh1W1A==, md5=EpsI85Gnw7dEZAEe7qYQbg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
394
accept-ranges
bytes
ScrollContainer.vue_vue_type_script_setup_true_lang-BkO5nIGH.js
iframe-assets.fresh8.co/v4/_assets/ Frame 2E61 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/ScrollContainer.vue_vue_type_script_setup_true_lang-BkO5nIGH.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9072239b730674fb2c829fba2c4db02e76f0e1ed1d18659a7800de104ebdb133

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPraXqNKhQ6BkDA0qwqovAJbQ99M44C0_B2sznPkvh1eygbJiJFleGRjPXdQsMgRJSfRex0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1360
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"3d942fc6d08aa62a8f6967e8a7abac09"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097918548
x-goog-hash
crc32c=tejsTg==, md5=PZQvxtCKpiqPaWfop6usCQ==
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1360
accept-ranges
bytes
MPUOffer-rBgvWLW9.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/MPUOffer-rBgvWLW9.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2882a46915c964d7d21b92d5ccc6125edb2dc4f6c2d0a976b10ef09eeee08162

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqyny4qlETJzWJFgbzfCDGPEy1OLonORVASpX7wyR87Z3nTKBj4ssohOgdNtteX3xL21R2roGtSFw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1377
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"da13c297af868a9cf3ae6e542c5ce37c"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097411602
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=4gQPtw==, md5=2hPCl6+Gipzzrm5ULFzjfA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1377
accept-ranges
bytes
OfferTransition.vue_vue_type_script_setup_true_lang-La9rqncj.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/OfferTransition.vue_vue_type_script_setup_true_lang-La9rqncj.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3ea5e6d848497ec2f851caf2a20b3b548e24bbfb9eb365306a0db6c560b22bce

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoclkksoIg47nu8WzKLgGwVbIfl_XaWHNZDuBhrKBMYkiQ3Luu38S7XIGO__Qhz0XLO9lE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
2302
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"c6ce26deab2a20c4f4d8ddec3e68b68c"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098106455
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=ZHbKuA==, md5=xs4m3qsqIMT02N3sPmi2jA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
2302
accept-ranges
bytes
FontFillText-UgbmkGYW.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/FontFillText-UgbmkGYW.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f99d6e1a5a562436be4258e45efb14e82767e532149f83855ff8d826e03af49

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpkMb5r6A6-251YUeCOvgx3jC1HHNCwWZjGDtyaC3FTdlJjgmxrj5jgIiOIPaRsNyZo_NZhuBWNAA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
5487
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"5ec85732a0e5bbcae7080dd19a25ab35"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097990049
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=EhI3AA==, md5=XshXMqDlu8rnCA3RmiWrNQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
5487
accept-ranges
bytes
MPU_List--WOLJaPc.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/MPU_List--WOLJaPc.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
847868b2c2cf1a6ffca0353dcb6f7c4816382455a64dd89d0a7d0274ce299970

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoOEpFMDOxrkT1AeAoxghW8DOoPbrcuNZMxXqzBK0zFS71zW-z-450AIKHskOT8idOAUdo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1569
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"4d222cd62fed3ed0ed5141bab32b1cc3"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097424038
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=D199YQ==, md5=TSIs1i/tPtDtUUG6syscww==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1569
accept-ranges
bytes
ListOption-GYouLJPA.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/ListOption-GYouLJPA.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e05f3e7de53284e3ddcd2762922492c8a8c67387ca6cddec1feb57412796cb3e

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPq3KdsSlDTrkPspelUlgBeJAM-s0aAeuMocpY5TX3vQVnbSQAblh52E_NlHIETvLulkmysqYcsT2Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
3206
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-hash
crc32c=lFzXJQ==, md5=lHjpfrW1rKKj+d4MjM3j4g==
x-goog-generation
1710235098328405
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
3219
accept-ranges
none
Lock--COGD48t.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		654 B
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Lock--COGD48t.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d0afe0e845c29c1b4e93c7af516e320351631ab0c69f611f2ddf1ae9525c6ea

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPr0LfqP8tS5kk-GiK96YYJzdaladRcEoelU6ZMyELikwY-Lds5YMl_cpoqAggzZ4Eyz0IDZNXR8Hw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
436
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"59170ea421d1fd1af86d5905a167cec4"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097915085
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=iVN04Q==, md5=WRcOpCHR/Rr4bVkFoWfOxA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
436
accept-ranges
bytes
index-QKAFYrtF.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		263 B
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/index-QKAFYrtF.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9d933a41dcfce4d3b09116d22b65a170807bb5009508f537942b841e6b1c26e6

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPp62Hwmv4uvBumF7kPU-IX1HQEhqtxTrZkW3gyPdiPzjB_dB6HRKrrFMxB9tl4OPqlWlKiiCr4RbA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
225
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"85ca7703fa0f099331ff5d42986a4e68"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097035988
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=Hmbz/Q==, md5=hcp3A/oPCZMx/11CmGpOaA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
225
accept-ranges
bytes
DynamicEventBanner.vue_vue_type_script_setup_true_lang-pzPsTOhH.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/DynamicEventBanner.vue_vue_type_script_setup_true_lang-pzPsTOhH.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
87aea15a85916f617ff5293dff7b46b1da669a28c1c0e69b9f36fd1a6cb7aceb

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqK-HtS-YFnha69WWsbfrWSh8bXCYJmmW_RULo4VcFPRshZVbUHrO0aPQNHNHVZ9UjUgzsprBEQ9w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1652
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"8bde3d956ce6b420fbed8bf552735fd2"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098632965
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=3XCi8Q==, md5=i949lWzmtCD77Yv1UnNf0g==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1652
accept-ranges
bytes
CompetitorsBadges-X8iQzPK3.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/CompetitorsBadges-X8iQzPK3.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
71d886787a2dc09f325d2a8c1f6a506322609263b328aa338f12e8748cf996c7

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrsbAMJHU0i2MboFVbX94SPvHF9nQkPDO8HkKPwYbOIp4RjKLypRoc5mm4rWqy5pyt6RQcbeSlv3Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
2301
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"edb8acf19342ca7e3456a2f04e52dbbb"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098434856
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=AsE9BQ==, md5=7bis8ZNCyn40VqLwTlLbuw==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
2301
accept-ranges
bytes
TeamBanner-2-090dya.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/TeamBanner-2-090dya.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ea27726e855e1e7eea8c1ea3b4602215a3f7429ef2afbb052dd373e8212c4526

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpIw0r47rqdrVoDi2hCWEx6K7A-9nRl5LTZZhOK3hcS0bf9k7_o_Sm-0OiOuRn_bedrvb0w7usQXQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1872
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"92bf4b2f29fdf98f8d8b4d64c188a5e6"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098031880
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=tUBfaQ==, md5=kr9LLyn9+Y+Ni01kwYil5g==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1872
accept-ranges
bytes
TeamIcon.vue_vue_type_script_setup_true_lang-YsgXqtQQ.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/TeamIcon.vue_vue_type_script_setup_true_lang-YsgXqtQQ.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af223bf3fdb102b3aceed245c35e888934b30283745fbbfd81ccba5fe72a1b10

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqGH3wItD3NugCmWvXM6sQTDF_YeEl2_wJY7h1J4LQutc3Ea1udaCVlF9a_LQvHe0bcUBAg8qQQCw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1207
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"0df2b1a6cca56d44f8b8edeccd5b1b5e"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098609454
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=K0UDDQ==, md5=DfKxpsylbUT4uO3szVsbXg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1207
accept-ranges
bytes
TeamBannerText-JjspUThj.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/TeamBannerText-JjspUThj.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7b527d957565c3d6e7cbc08b04b0a7ec9ade14534b75476e982a98c6eba28546

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqHHAuaBWd26g7mLRB77zkhHQodA0OKd-UeUNZo2cnUBmNvljWKJl2dgcsCyqnSKPyO8KTqNYPdXQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
658
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"cd39a4978fadc24122b16c6b77a41dbb"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097078495
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=E8eZIw==, md5=zTmkl4+twkEisWxrd6Qduw==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
658
accept-ranges
bytes
TeamVersusIcon-RGQCnzJ2.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/TeamVersusIcon-RGQCnzJ2.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
72fdf730872df4a59d7a755549f6d4c66dcb1d375858a2c835ede1c4da01fcc2

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqfiKA7VkRjNCm7TWjprtPxjpK_YP9WP3uf9p-Vb4wOT-GP8RjUcXy42Lp4a1aNrQDcQvw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1290
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"1d5a5da40f33d9d659dbe7870bece4fd"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097689821
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=eVgUOw==, md5=HVpdpA8z2dZZ2+eHC+zk/Q==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1290
accept-ranges
bytes
MarketName-ApeuWNVD.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/MarketName-ApeuWNVD.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b6c7cd871f51cbad33d73513bca0c4dbf96bf1da60050825299d963873a9edd7

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqMEBGdUmvKSgQw-HyEWY5SBTO8QeSOMlajFEiHZni8C3htiqosEGxZHxuBKIJ1pKNyuIp1M5zGZQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
646
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"1ba1e80d3560657758c1117f1c234b21"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098013738
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=X+rdIg==, md5=G6HoDTVgZXdYwRF/HCNLIQ==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
646
accept-ranges
bytes
CardHeader-W33Urold.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/CardHeader-W33Urold.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
04eeb0b5222c635717d1469f02018af2f30e5e0df81cbe6a3d977234f0df9c9c

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqYU2EOW783DsQmPpuJCl7scw1hHbdi5xogXS4e6KoozGdCXGX_Q8_QzZEpcT6cd3G3uB8mv_Ihdw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1178
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"4d1a43895bc6f4d93b67d46ca5016be1"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097976694
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=cpSLeQ==, md5=TRpDiVvG9Nk7Z9RspQFr4Q==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1178
accept-ranges
bytes
Live-rkiKwpin.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		1022 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/Live-rkiKwpin.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b72ae57956280a1bd4c6eac8f6ef4df8c51f9ed4652e0ba63f7fef04640118e9

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpheLHaKML-yjtgioEJnHUW7sJcUCn56RiXbRDko-V1c9j6gnRxNpUjRwHU_vwOcQp__YHcyxIB6g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
619
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"611ff975976ee78472a6c45d8fb10e3a"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097104331
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=algikQ==, md5=YR/5dZdu54RypsRdj7EOOg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
619
accept-ranges
bytes
formatDate-pS5elLpA.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		1 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/formatDate-pS5elLpA.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
aa2fc370492adb23ac0c6b60b2283ef99aa27ff0a79c9452bb2a967b6d3f8950

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrpXLw-OlAOXiu0iEQvdGctiABCiYC9i97dJgzsiO3ihJ2_8n_raVtpBN0mdx1Eps0Ip7jcrfzYSg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
521
last-modified
Tue, 12 Mar 2024 09:18:18 GMT
etag
"852deb54546945ec6e52932793b1b150"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235098695918
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=UxS6+w==, md5=hS3rVFRpRexuUpMnk7GxUA==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
521
accept-ranges
bytes
FixtureDate-2_RKk5-I.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		598 B
872 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/FixtureDate-2_RKk5-I.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c78a890f8af17762c061219c48d8838e61aca591473fc490db82e7a01e57c23a

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpg74HFnGPhBrIUzf-BORn_bPcb07XiVIzhztTbOUTID70DD6zkZovvNwIajNm2e4RpADU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
389
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"bdb66158a85ac6f3a0917a215e1fd3d1"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097410466
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=MpAhNA==, md5=vbZhWKhaxvOgkXohXh/T0Q==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
389
accept-ranges
bytes
FixtureSport-ObdL19TE.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		600 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/FixtureSport-ObdL19TE.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
895a0f2379ad5bacea2c38beb6f402996d6a2ee026fefe9ab234a9e764a88f98

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPp12iLrD4rK2hfTMr9dW1lwB9SsrOL2HdWY_DHpIrR7lk7_-FYN9Ljozqap21u69lPpZ7U
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
394
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"129b08f391a7c3b74464011eeea6106e"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097648325
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=Gh1W1A==, md5=EpsI85Gnw7dEZAEe7qYQbg==
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
394
accept-ranges
bytes
ScrollContainer.vue_vue_type_script_setup_true_lang-BkO5nIGH.js
iframe-assets.fresh8.co/v4/_assets/ Frame 78C3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iframe-assets.fresh8.co/v4/_assets/ScrollContainer.vue_vue_type_script_setup_true_lang-BkO5nIGH.js
Requested by
Host: iframe-assets.fresh8.co
URL: https://iframe-assets.fresh8.co/v4/_assets/index-ndbj3Kth.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::172d:b4c9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9072239b730674fb2c829fba2c4db02e76f0e1ed1d18659a7800de104ebdb133

Request headers

Referer
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPraXqNKhQ6BkDA0qwqovAJbQ99M44C0_B2sznPkvh1eygbJiJFleGRjPXdQsMgRJSfRex0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1360
last-modified
Tue, 12 Mar 2024 09:18:17 GMT
etag
"3d942fc6d08aa62a8f6967e8a7abac09"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1710235097918548
x-goog-hash
crc32c=tejsTg==, md5=PZQvxtCKpiqPaWfop6usCQ==
content-type
application/javascript
access-control-allow-origin
https://iframe.fresh8.co
cache-control
no-transform, max-age=604800
x-goog-stored-content-length
1360
accept-ranges
bytes
tag.js
mc.yandex.ru/metrika/ 		209 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
62a5fa8eb86fb06c5e0bc6d89097b5343dcbeecf1b8f7e0315a4fc9294840083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 19 Mar 2024 14:07:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65f99c21-1200b"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
73739
expires
Sun, 24 Mar 2024 16:47:36 GMT
user.php
em-br.diariodetocantins.com/ 		0
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://em-br.diariodetocantins.com/user.php
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://em-br.diariodetocantins.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W3K9%2BxDgGSwvSYTZ9vd7ZbPQ0nDq6L5k29g9pA7sGDk%2BqqeHFO7PXcTCkV55nO3utYWHQnrQYksukXo1TlvuCrjqjQEKZZAidUEjThI8Gs0wY4U9EMhiVRd6WUvk%2BBQ02ZILrUY7nKyjSxjdeD5CfByGQdhpKXcW%2BJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8697ccf44baf4bd2-BUF
alt-svc
h3=":443"; ma=86400
send
vmuid.com/uid/ 		65 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vmuid.com/uid/send
Requested by
Host: vmuid.com
URL: https://vmuid.com/script.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.234.204.80 Edison, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
nginx /
Resource Hash
535aead0a5a7bd6c9f5e4291a5f556b34aa32d6b9479b501b2beb23dcad3fb68

Request headers

Accept
application/json
Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryk18BvBj0kBUBnYLb

Response headers

Date
Sun, 24 Mar 2024 15:47:35 GMT
Server
nginx
Accept-Ch
Sec-CH-UA-Platform-Version
Content-Type
application/json
Access-Control-Allow-Origin
https://em-br.diariodetocantins.com
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Content-Length
65
hit
pupspu.com/ 		2 B
391 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pupspu.com/hit
Requested by
Host: origunix.com
URL: https://origunix.com/sdk.js?sid=4dd7d833-3142-4a3f-a135-6fb1263ef9b8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.234.204.80 Edison, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryh6Mu2v5g9jVyy8DA

Response headers

Date
Sun, 24 Mar 2024 15:47:35 GMT
Server
nginx
Accept-Ch
Sec-CH-UA-Platform-Version
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 23:05:57 GMT
content-encoding
gzip
age
60098
x-guploader-uploadid
ABPtcPqJQ6tqd9qQvj_SFEu8-FrlSjl0yrhidNMNYEX3m-1s2YDdsoED41qdS6eS6RRvWNF1C2Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6116
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash
crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation
1694696370171925
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6116
accept-ranges
bytes
expires
Sun, 24 Mar 2024 23:05:57 GMT
newsletter-capa.js
em-br.diariodetocantins.com/_templates/em/assets/javascripts/widgets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://em-br.diariodetocantins.com/_templates/em/assets/javascripts/widgets/newsletter-capa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:55aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d7f8bed2ed287a7e3ddb5074d17e2197ca5b85dcd302056f7c9196eebddb49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:36 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NIcgM14fYQkCaaD9GJtBTyBKNNO6kx%2FEpzvoXPGGCoq5%2BTJ6hofbnk59Is%2Bt9YMiaZQ6Q2OBNX8AFcUi%2F01v04I5YviIEN0VvpWAZuToQG9VrTGqr8zRnh%2FuCLW38Qp3GehrRWoxkf4QNBtKBtrM3O6nuVdzmIvbQ1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8697ccf4abcc4bd2-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
Lato-Black-latin.woff2
cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/ Frame 2E61 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/Lato-Black-latin.woff2
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fda Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56

Request headers

Referer
https://iframe.fresh8.co/
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1704724398
x-guploader-uploadid
ABPtcPoe5QnIlek7FmGO13r1VTg0R3eev9s9aCuT7jHwVd_NU-6aSACVOGTg13B2GDOQ8b09dQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
13744
last-modified
Mon, 08 Jan 2024 14:33:35 GMT
etag
"cf5ec3859b05de1b9351ab934b937417"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1704724415964526
content-type
application/octet-stream
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=B0pS6A==, md5=z17DhZsF3huTUauTS5N0Fw==
cache-control
public, max-age=2592000
x-goog-stored-content-length
13724
accept-ranges
bytes
Roboto-Bold-latin.woff2
cdn.fresh8.co/assets/evo-assets/fonts/Roboto/latin/ Frame 2E61 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fresh8.co/assets/evo-assets/fonts/Roboto/latin/Roboto-Bold-latin.woff2
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fda Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Request headers

Referer
https://iframe.fresh8.co/
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1704709215
x-guploader-uploadid
ABPtcPoge6oO5Xj3vwh0GNoIWiovmuQ4LwSy-jlJpI_dVhFIbPKRG7N718A9LSHmbwWu-dyqHEcwwPwdTQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
11063
last-modified
Mon, 08 Jan 2024 10:20:31 GMT
etag
"5e22a46c04d947a36ea0cad07afcc9e1"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1704709231910344
content-type
application/octet-stream
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=44JUUQ==, md5=XiKkbATZR6NuoMrQevzJ4Q==
cache-control
public, max-age=2592000
x-goog-stored-content-length
11040
accept-ranges
bytes
Lato-Black-latin.woff2
cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/ Frame 78C3 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fresh8.co/assets/evo-assets/fonts/lato/latin/Lato-Black-latin.woff2
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuwfUV-ee15NE2Qc316CDg3cD55fBRZRGVQ5NrVWLIhon6Yt3-g8KhbEkP-pq-0qE4g4ZkDZWUfZQvgkaZLieEiF0su30sFtuqut_Zswv-ahpW1qSXAu_gG-dxTCtN3O7F3Hb2HFkbYKmdzUkIGYT0rLAtppDIl_H1H2OuO0zKWJAah2dO16YxfboFzft_4bHw9yRNr4Iiw0zhOc5pgJQ-IHeBpzWbGLyf1HDvxX10PQPJ94f89EKsQDyH3heeFJM4UoY675eCpZs8BH11jDekUY7HuX5hTRmcxfnVdyJI3vRYpfF65G5F8u09Y8O2U1F5bGZo6gYMkirDjWWNOjMUjHgQ0jfbba-szZaUucMIe_qAmlGDjLWzY9UIIfAFgKOJs20l5zw%2526sai%253DAMfl-YTVmpDt39v1AFHqY3emoyAobzvXJsImWrhAEg8gn01U9s4cVj7yGCCXUD6PdtJJf5wqShTghJq6MmxWmgaRi3pkfTg0uWY7ULMIZn4BJu0o29sUDv9QUQyKvHMHiw%2526sig%253DCg0ArKJSzLsejBIxemFaEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=2105070999&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fda Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56

Request headers

Referer
https://iframe.fresh8.co/
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1704724398
x-guploader-uploadid
ABPtcPoe5QnIlek7FmGO13r1VTg0R3eev9s9aCuT7jHwVd_NU-6aSACVOGTg13B2GDOQ8b09dQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
13744
last-modified
Mon, 08 Jan 2024 14:33:35 GMT
etag
"cf5ec3859b05de1b9351ab934b937417"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1704724415964526
content-type
application/octet-stream
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=B0pS6A==, md5=z17DhZsF3huTUauTS5N0Fw==
cache-control
public, max-age=2592000
x-goog-stored-content-length
13724
accept-ranges
bytes
Roboto-Bold-latin.woff2
cdn.fresh8.co/assets/evo-assets/fonts/Roboto/latin/ Frame 78C3 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fresh8.co/assets/evo-assets/fonts/Roboto/latin/Roboto-Bold-latin.woff2
Requested by
Host: iframe.fresh8.co
URL: https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuwfUV-ee15NE2Qc316CDg3cD55fBRZRGVQ5NrVWLIhon6Yt3-g8KhbEkP-pq-0qE4g4ZkDZWUfZQvgkaZLieEiF0su30sFtuqut_Zswv-ahpW1qSXAu_gG-dxTCtN3O7F3Hb2HFkbYKmdzUkIGYT0rLAtppDIl_H1H2OuO0zKWJAah2dO16YxfboFzft_4bHw9yRNr4Iiw0zhOc5pgJQ-IHeBpzWbGLyf1HDvxX10PQPJ94f89EKsQDyH3heeFJM4UoY675eCpZs8BH11jDekUY7HuX5hTRmcxfnVdyJI3vRYpfF65G5F8u09Y8O2U1F5bGZo6gYMkirDjWWNOjMUjHgQ0jfbba-szZaUucMIe_qAmlGDjLWzY9UIIfAFgKOJs20l5zw%2526sai%253DAMfl-YTVmpDt39v1AFHqY3emoyAobzvXJsImWrhAEg8gn01U9s4cVj7yGCCXUD6PdtJJf5wqShTghJq6MmxWmgaRi3pkfTg0uWY7ULMIZn4BJu0o29sUDv9QUQyKvHMHiw%2526sig%253DCg0ArKJSzLsejBIxemFaEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=2105070999&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:9000::17c9:1fda Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Request headers

Referer
https://iframe.fresh8.co/
Origin
https://iframe.fresh8.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:35 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1704709215
x-guploader-uploadid
ABPtcPoge6oO5Xj3vwh0GNoIWiovmuQ4LwSy-jlJpI_dVhFIbPKRG7N718A9LSHmbwWu-dyqHEcwwPwdTQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
11063
last-modified
Mon, 08 Jan 2024 10:20:31 GMT
etag
"5e22a46c04d947a36ea0cad07afcc9e1"
x-f8-o
P
vary
Accept-Encoding, Accept-Encoding, Origin
x-goog-generation
1704709231910344
content-type
application/octet-stream
access-control-allow-origin
https://iframe.fresh8.co
x-goog-hash
crc32c=44JUUQ==, md5=XiKkbATZR6NuoMrQevzJ4Q==
cache-control
public, max-age=2592000
x-goog-stored-content-length
11040
accept-ranges
bytes
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 18:46:25 GMT
content-encoding
gzip
age
75670
x-guploader-uploadid
ABPtcPrAQBAQFe7sqSCQ8fcuC7naD2m0CtNc2lbEs_48CkbXsK6GKaM0WTaF-668J3EUvxQTM-uVvyebLA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash
crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation
1694696370056280
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8334
accept-ranges
bytes
expires
Sun, 24 Mar 2024 18:46:25 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A4DC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVJaU1e1yOLcuFQtbnaKt7HzVS2EawaIl8Ed1fBg8A7X6fTtXWJIPl3vGH0JCBoUhm4-nRJKeghJG4vDDed6672gosgQ2RzCQD4SV_E9PEcEeKChcedrxBtrtgYJB1wrF4c_LLqk_d8hXDPhkZrdJ8xHuCropjV0E&sig=Cg0ArKJSzBSgovVIIupOEAE&id=lidar2&mcvt=1286&p=1110,315,1200,1285&mtos=1286,1286,1286,1286,1286&tos=1286,0,0,0,0&v=20240320&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=596798238&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=722805400&rst=1711295254588&rpt=373&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		121 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
681d7dd90c93e525be682ce50bc813c63531dbda63e27a92509e2ae64c2f10fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47810
x-xss-protection
0
last-modified
Sun, 24 Mar 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Mar 2024 15:47:36 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D892 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMukuQXmM_eNu3ZTZLOSSYc9xvdr_rlduaOseR7gDq6PBOYc6fzGkdg5a8R_FegZ17w3vMXDZRC9P7qFh1nkInr1mxhH1KrGrAy6yF-9xIVSuDhotPdRHrlOMUKzmqmNp2v9636DvceGhMhDFJznfQtqoU7eDsM6g&sig=Cg0ArKJSzDUMecU2-A8XEAE&id=lidar2&mcvt=1166&p=233,315,483,1285&mtos=1166,1166,1166,1166,1166&tos=1166,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2935826974&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=722805500&rst=1711295254610&rpt=480&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
b.t.tailtarget.com/ 		111 B
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-10258-0&tY=1&tS=1&tU=0100007F144B0066AD066F53027E7B31&tX=b.52&tZ=466442792
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
03418a024d92468bfa2e9ec42bf2ff86bb1434da9b65f8acba15b3d159c6ac27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:36 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
api.gif
tags.denakop.com/ Frame A4DC 		0
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.denakop.com/api.gif?a=10303&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fem-br.diariodetocantins.com%2F&t=1711295256280&cb=0.6448644852168346&aa=under&at=html
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
8697ccf7d82c4bd8-BUF
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame A4DC 		527 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=666958659857246&correlator=914553971525631&eid=31079957%2C31081969%2C31081980%2C31082134&output=ldjh&gdfp_req=1&vrg=202403200101&ptt=17&impl=fifs&iu_parts=21715141650%3A6887%2Cem.com.br%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D30e4712c39b09385%3AT%3D1711295251%3ART%3D1711295251%3AS%3DALNI_MZuEPB11qPtvUeb2Ed3nAOuRC0yBg&gpic=UID%3D00000dd537c17569%3AT%3D1711295251%3ART%3D1711295251%3AS%3DALNI_Mb-GpcR9hA4sUQCHxggzLJqs0-v3Q&abxe=1&dt=1711295256291&adxs=315&adys=1110&biw=1600&bih=1200&isw=970&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=x73p3q6bcrmq&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&top=em-br.diariodetocantins.com&vis=1&psz=970x0&msz=970x-1&fws=768&ohw=0&ga_vid=1584523209.1711295252&ga_sid=1711295256&ga_hid=866055470&ga_fc=true&dlt=1711295254588&idt=302&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dem-br%2Cdiariodetocantins%2Ccom%2Cem-br.diariodetocantins.com%26pathname%3D%252F%26placement_name%3Dunder%26ttLS%3Dna%26ttS%3Dna%26ttT%3Dna%26ttC%3Dna%26ttU%3Dna%26ttCA%3Dna%26ttE%3Dna%26ttA%3Dna%26ttG%3Dna%26tier%3D2&adks=748505382&frm=23&eo_id_str=ID%3Da7c429d4bdc5fbac%3AT%3D1711295251%3ART%3D1711295251%3AS%3DAA-AfjbroHEGM4IhwcxWsHtWqCYd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8441b02a956c23188d79f0ccad1e602409ae922b271785ecc68c0d212448f250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A4DC 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403200101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
850ebd879191ffb670b62c8958cee219f20208fc450dc3a894eab859ffc38d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12286
x-xss-protection
0
container.html
0556858879aa602f1fab37ad8058c9c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C4E0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0556858879aa602f1fab37ad8058c9c9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 15:47:36 GMT
expires
Mon, 24 Mar 2025 15:47:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-17658134-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3cd836c0a5a4f5fe64e33ae7ff37b8d21880af5d455fdf99909bbcfec370a79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68663
x-xss-protection
0
last-modified
Sun, 24 Mar 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Mar 2024 15:47:36 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A4DC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Mar 2024 15:47:36 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17658134-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Mar 2024 13:55:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6753
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 24 Mar 2024 15:55:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F7B5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
109408
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 09:24:08 GMT
expires
Sun, 23 Mar 2025 09:24:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 90BF 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a5fea867b2d42cb65fe0ae61bbd65d7a8e9bfc3bd89433fa523c564e5c7fb15e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lzTRIKxdzyR749SUpyAHkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lzTRIKxdzyR749SUpyAHkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 15:47:36 GMT
expires
Sun, 24 Mar 2024 15:47:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ca
tt-10258-0.seg.t.tailtarget.com/ 		61 B
101 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-10258-0.seg.t.tailtarget.com/ca?tZ=357749756
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
c9dbece176d8a8aea91db5b54948f34477b5d768e6ff8bdfd65e756b2ff23752

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:36 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
pagead2.googlesyndication.com/bg/ Frame F7B5 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 22:25:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
62547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15865
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Mar 2025 22:25:09 GMT
__tt.gif
t.tailtarget.com/ 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10258-0&tE=2&tF=&tI=_buffalo_new%20york_us_1711295255375_1611265731&tJ=&tU=0100007F144B0066AD066F53027E7B31&tX=b.52&tY=1&tZ=360532783
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:36 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
generate_204
tpc.googlesyndication.com/ Frame F7B5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?F5MztQ
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10318.K1GJrE3HbCA2HsConUvWDFfh0GJAh58Hiu6ri0wKRZ0QX_2Q2sZOcZAXcnPW5XOr.r5Acq8wGFFGkBMIc_CMlCRVVYeo%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10318.D4wxsXewdc8GdKuJ0wRFxNl_PS7O6J8pk46d81RSh0N31V2TW9M6QfeZVSnPUTO-T8frtKQRAsTfoGRUZVcUbnOpY7hbOl9-eT5jSM2Z2Rl1IfmHvSxLL2U6tWRzgC19dsfvDmQe62...
43 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10318.D4wxsXewdc8GdKuJ0wRFxNl_PS7O6J8pk46d81RSh0N31V2TW9M6QfeZVSnPUTO-T8frtKQRAsTfoGRUZVcUbnOpY7hbOl9-eT5jSM2Z2Rl1IfmHvSxLL2U6tWRzgC19dsfvDmQe62ixV9aj69qOD_GcjdeMUww6OxstSa04MlmelQ-S45xIbArOPnSVoR9vRHdppw7znAmH3STORAzuaJDoo6YRPx5hvz8xGyVV6Ko%2C.PEGKr11W5lJkkseZrdUlEZwJkOY%2C
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:37 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10318.D4wxsXewdc8GdKuJ0wRFxNl_PS7O6J8pk46d81RSh0N31V2TW9M6QfeZVSnPUTO-T8frtKQRAsTfoGRUZVcUbnOpY7hbOl9-eT5jSM2Z2Rl1IfmHvSxLL2U6tWRzgC19dsfvDmQe62ixV9aj69qOD_GcjdeMUww6OxstSa04MlmelQ-S45xIbArOPnSVoR9vRHdppw7znAmH3STORAzuaJDoo6YRPx5hvz8xGyVV6Ko%2C.PEGKr11W5lJkkseZrdUlEZwJkOY%2C
date
Sun, 24 Mar 2024 15:47:37 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:37 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 19 Mar 2024 14:07:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65f99c21-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 24 Mar 2024 16:47:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 90BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403200101&jk=666958659857246&rc=
Requested by
Host: em-br.diariodetocantins.com
URL: https://em-br.diariodetocantins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
collect
analytics.google.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KFBFMPM6S4&gtm=45je43k0v884805283za200&_p=1711295251271&gcd=13l3l3l3l1&npa=0&dma=0&cid=1584523209.1711295252&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1711295252&sct=1&seg=0&dl=https%3A%2F%2Fem-br.diariodetocantins.com%2F&dt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&en=scroll&epn.percent_scrolled=90&_et=15&tfd=7781
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KFBFMPM6S4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403190101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb8a12e52ad529bf64ab60ced16265946143230bc7c6df8c779f6deaf003a282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12683
x-xss-protection
0
1
mc.yandex.com/watch/92306955/
Redirect Chain
  • https://mc.yandex.com/watch/92306955?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3A...
  • https://mc.yandex.com/watch/92306955/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%...
447 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/92306955/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A2%3Adp%3A0%3Als%3A1492023204081%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A391442657%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
566e6efca39ed9b838fb570de85c843ae0eb940b872796ed011ffba4642593e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 24-Mar-2024 15:47:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Sun, 24-Mar-2024 15:47:37 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:37 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 24-Mar-2024 15:47:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/92306955/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A2%3Adp%3A0%3Als%3A1492023204081%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A391442657%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 24-Mar-2024 15:47:37 GMT
1
mc.yandex.com/watch/92138145/
Redirect Chain
  • https://mc.yandex.com/watch/92138145?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3A...
  • https://mc.yandex.com/watch/92138145/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%...
447 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/92138145/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A3%3Adp%3A0%3Als%3A503291346252%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A694303407%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
865a98de24f9a4673da8a06aeda7253013b3b9ba34d64ef3719ee38497b47606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 24-Mar-2024 15:47:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Sun, 24-Mar-2024 15:47:37 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:37 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 24-Mar-2024 15:47:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/92138145/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A3%3Adp%3A0%3Als%3A503291346252%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A694303407%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 24-Mar-2024 15:47:37 GMT
1
mc.yandex.com/watch/92138039/
Redirect Chain
  • https://mc.yandex.com/watch/92138039?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3A...
  • https://mc.yandex.com/watch/92138039/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%...
447 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/92138039/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A1%3Adp%3A0%3Als%3A492509057756%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A466883460%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
8a254d180052a0ca7b164e804f15763a0d7d079a02e3e34fd4697bcafe4d65b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 24-Mar-2024 15:47:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Sun, 24-Mar-2024 15:47:37 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:37 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 24-Mar-2024 15:47:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/92138039/1?wmode=7&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1272%3Acn%3A1%3Adp%3A0%3Als%3A492509057756%3Ahid%3A142179456%3Az%3A-600%3Ai%3A20240324054737%3Aet%3A1711295257%3Ac%3A1%3Arn%3A466883460%3Arqn%3A1%3Au%3A1711295257538992745%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3330%3Awv%3A2%3Ads%3A0%2C66%2C1301%2C171%2C%2C0%2C%2C4776%2C12%2C%2C%2C%2C6332%3Aco%3A0%3Acpf%3A1%3Ans%3A1711295249422%3Agi%3AR0ExLjIuMTU4NDUyMzIwOS4xNzExMjk1MjUy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1711295258%3At%3AJornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 24-Mar-2024 15:47:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A4DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403200101&jk=666958659857246&bg=!vr2lvfLNAAZaswqNerM7ADQBe5WfOLvdaaHHbIpq3vMbNHCglf935cjAMN0jtZ4uDw_68FcS5AEgyc_bESiefZJigLZgAgAAAV9SAAAAA2gBB34ANTVrAstoKFDHheYtWG6obzIe6F2yijU94P-NRkkO_qfCa3wLtOaZ_Lmdop2wUjUsCPehfFBZmQKZtHMTeq8vcR0g2BPrsLnGDA-YbZmDEGBuYkp1_nW_h-rpiughDvsFq2vIW6Czf8ELq5dQdi4PpBkTE4wDQzeNg9xSgzj1dQexcjbTPlaeYdBN45Kmn0Mt4pmhD93UnBrjWyrv31bOhcXgTbXlbZFcss4k10Myk1P8d796zYFS41Ra6siYnTQREW3IELGCANR4hj2NngsxbL_5MEtPNui3FSMmgqvIaEL0AfRKdQkOjiOMaBeyFTrXlcF6-k9g0ygwNk8DJYd0b1GSxlfE7idBm7BKvULbaIv7nyic1Ikv_O8kX-kYETdT_yLCVL5Nwx5QycFPuz8Qegj4GtJGVEkZ1LKOOSDRk9zTHOZ8NbexY4pj-QliVW00kwzx55AmrRdg14vPQx25BXz2f0SdE5NoSKgi3sH9mFa9yeXGwNC02WdDXoVEpOZxAEbmsNFc-OWSoEzmKtDlUvSuwz9SD6LwErB1d7zNo70aHg5JVVuC5VVnXmvZrqzu6VTnY_IOwF7cOD2WFtauY-sjP40e2bKC0ifb4iYX3V5qjz0DoE0jvus07lp_A8je7dlSwW3ZYRKMVKv1Tr1bnoUS0MKkct2h4gSRpBQU6envyojnEvIw6us8_lrnZ9dPVkICM11JXoea9C2zU3PaOT0Clw3UJvt1jdXERTwmh0Eg5-JAPVSpOAoJ-qAW6IU_03bNWHGaRaLokmyNENPyPmFZ8yepc6AagXPh2iCu1k-eY2pfjFK91Vft5hZs4ha8tEB0IR5Gln_4Exh_SKOM1GqvcFM09akOZWDKiBbxN9eF7F2Jmiv85p7Zw47FberR-n7pkOvjPIZukVkuug6Cc96Ln9gEeyRWQomUmrnrQiASl31UXecUjlubL1yZ3KENxcI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Mar 2024 15:47:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 53D0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
109409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 09:24:08 GMT
expires
Sun, 23 Mar 2025 09:24:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 06A1 		829 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d135e9f8f1e680e49f5030e8f1f11ebec764590bc52d876ad5b6497bd767af52
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DO3F6FjNSif16DKmPKBRpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-DO3F6FjNSif16DKmPKBRpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 15:47:37 GMT
expires
Sun, 24 Mar 2024 15:47:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
pagead2.googlesyndication.com/bg/ Frame 53D0 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 22:25:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
62548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15865
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Mar 2025 22:25:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 06A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403190101&jk=1453300635124221&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 53D0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qNE1xQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403190101&jk=1453300635124221&bg=!wcKlwo3NAAZaswqNerM7ADQBe5WfOG6-eGaudkwi2Q5v858X1quU0uifSduZ-y0vGl2ZynmMB_LnYq48CJdwWDognMUCAgAAAIdSAAAABGgBB34ANk4qp2XLmOH0AAvWVgoqtMdivwTGQHCIYYce0CyuVEG7U7NocHzraTzGEt6jrer5WG8Fcou_n5kCc10wWaa8G2TVL1nQZ_RTVenbM9ybcv2vFhbMA-GiGi0E45fQm4Or5HZulfJnxDrZ6vcmh6uFD3xo2u1u0zV_DhXZXqFOev0GbWCFMl8wMaYX-UwvI6SEUq4WJyeeOVBtrejjtnI3Q_I5ZVYuE9z93Dko-TqtPNN6YenCcHf3mtHqBsbGpcG82fI3GB0LMePG6XHCPKlkxh3KqU4tSFDN1GrORUeFQ4YfnPmB-VEJEe5Gsc4Lmqv6zLE-7zV4qdoYe5B0oYVDt5TDmDcmDR-fK8l6qdWzVOCYHYLO7lWA8WCfV9tmJdbCqhE2egxHqzL1y8QsTBmz2RMeq04OwkTkx5OeP2hBjmF2lc7hdhEos3u67tVvzW3_UBl-1-zI1Bu-ZyfXRjTYt8iDScCaNlXjHxmDDrFcB8E38P71YcCSzE_Xo840AX4_fbQFWJBOQ7DgQuA1BZwaO55hcpdfuWynV37YGsG-tjqXTi6_Ujff7jqWAfLog0tYpiBiQtZySVYC2LsWB2uiqmdPm65rt7nCXwJkY94gc34oXNI05OkUoUuxMkHwdy-y-sIIn58WbfwuZyyCJSqSjT960n4Bl3Sfd4zlXcCmRj0vf4wrnrOqXWm8PMceyZI6xZUB3tsaRcbwrfBxyZxXV2Rpv9SuiMLAgtnU7rMtwWnNJ5CSDH74PM2bSbKOEknTb62gJGy0utC6jvp48m75xc9BDqvlmuuAP76PmAXRjFXDPNzT2Jaskw2OiGfDqKr6LCY-ZEJEQTYQ-nge_CBNwC8q_7gGh0uCswzIdYXlJu9ITkf3hF7P7D-OewnBy8cDYSscNB8MXUwQSm2q8A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ Frame A4DC 		431 B
183 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=666958659857246&correlator=3491523046109570&eid=31079957%2C31081969%2C31081980%2C31082134&output=ldjh&gdfp_req=1&vrg=202403200101&ptt=17&impl=fifs&iu_parts=21715141650%3A6887%2Cem.com.br%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&ifi=2&sfv=1-0-40&rcs=1&eri=5&sc=1&cookie=ID%3D30e4712c39b09385%3AT%3D1711295251%3ART%3D1711295251%3AS%3DALNI_MZuEPB11qPtvUeb2Ed3nAOuRC0yBg&gpic=UID%3D00000dd537c17569%3AT%3D1711295251%3ART%3D1711295251%3AS%3DALNI_Mb-GpcR9hA4sUQCHxggzLJqs0-v3Q&abxe=1&dt=1711295258611&adxs=315&adys=1110&biw=1600&bih=1200&isw=970&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=x73p3q6bcrmq&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&top=em-br.diariodetocantins.com&vis=1&psz=970x0&msz=970x-1&fws=768&ohw=0&ga_vid=1584523209.1711295252&ga_sid=1711295256&ga_hid=866055470&ga_fc=true&dlt=1711295254588&idt=302&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dem-br%2Cdiariodetocantins%2Ccom%2Cem-br.diariodetocantins.com%26pathname%3D%252F%26placement_name%3Dunder%26ttLS%3Dna%26ttS%3Dna%26ttT%3Dna%26ttC%3Dna%26ttU%3Dna%26ttCA%3Dna%26ttE%3Dna%26ttA%3Dna%26ttG%3Dna%26tier%3D2%26placement_data%3Dunder_HTML_V1&adks=748505382&frm=23&eo_id_str=ID%3Da7c429d4bdc5fbac%3AT%3D1711295251%3ART%3D1711295251%3AS%3DAA-AfjbroHEGM4IhwcxWsHtWqCYd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43c835d7df4c60af487a9f9b24d594706af62c23c970c0c1cd10e0bfab2b763f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame A4DC 		409 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=666958659857246&correlator=3491523046109570&eid=31079957%2C31081969%2C31081980%2C31082134&output=ldjh&gdfp_req=1&vrg=202403200101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90&ifi=3&sfv=1-0-40&eri=5&sc=1&cookie=ID%3D30e4712c39b09385%3AT%3D1711295251%3ART%3D1711295251%3AS%3DALNI_MZuEPB11qPtvUeb2Ed3nAOuRC0yBg&gpic=UID%3D00000dd537c17569%3AT%3D1711295251%3ART%3D1711295251%3AS%3DALNI_Mb-GpcR9hA4sUQCHxggzLJqs0-v3Q&abxe=1&dt=1711295258614&adxs=315&adys=1110&biw=1600&bih=1200&isw=970&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=4lbd6k26rhak&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&top=em-br.diariodetocantins.com&vis=1&psz=0x0&msz=970x0&fws=256&ohw=0&ga_vid=1584523209.1711295252&ga_sid=1711295256&ga_hid=866055470&ga_fc=true&dlt=1711295254588&idt=302&prev_scp=passback%3Ddenakop&adks=2474330079&frm=23&eo_id_str=ID%3Da7c429d4bdc5fbac%3AT%3D1711295251%3ART%3D1711295251%3AS%3DAA-AfjbroHEGM4IhwcxWsHtWqCYd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403200101/pubads_impl.js?cb=31082134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51322cd3f890e0f823a337d1db4e41f482a526d41fc5313174ba558de9a0da61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:38 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame A4DC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fem-br.diariodetocantins.com%2F&domain=em-br.diariodetocantins.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=k7CJ-3xnMm1tRTJMcUZqS0hSUXErZ2FMampoT2pEcmNUMGFHQXZPbWxDOUdHL1h1TExkN1lSSXlEUjR2bEE5MWtZWEZRMlEwbW52Z0EvVEpnRjRnVVhNM1d3TjY0ZTBFQW51WXlKK1hiVFFNV2QxZ0RNWUttNWFRNWNvdE...
378 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=k7CJ-3xnMm1tRTJMcUZqS0hSUXErZ2FMampoT2pEcmNUMGFHQXZPbWxDOUdHL1h1TExkN1lSSXlEUjR2bEE5MWtZWEZRMlEwbW52Z0EvVEpnRjRnVVhNM1d3TjY0ZTBFQW51WXlKK1hiVFFNV2QxZ0RNWUttNWFRNWNvdEp3VzQybGZjek5HaTViYmFEb1RZRFEyWkZQT2ZmTkp5R1NqRWF1R3ZrMW4vbkRVUEptcmhBYUViaU1sUUxZUlloRjMzVndBbGNVQW5aOHUrOTBySDFvQW55RUZMdDNsRHFxMDdKbitUNGVOVWZ4RmpMVmM1ck5qMzlrN0VQZVBZMnNsM1NpTWgrWTZEbU10S1llbUIrSlhKQmlEZW9Pdz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d94ac6db7d8114f92214af95dc31d3a1e5157a465a245fa39429965adafcf091
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://em-br.diariodetocantins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
777920
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://em-br.diariodetocantins.com
location
https://mug.criteo.com/sid?cpp=k7CJ-3xnMm1tRTJMcUZqS0hSUXErZ2FMampoT2pEcmNUMGFHQXZPbWxDOUdHL1h1TExkN1lSSXlEUjR2bEE5MWtZWEZRMlEwbW52Z0EvVEpnRjRnVVhNM1d3TjY0ZTBFQW51WXlKK1hiVFFNV2QxZ0RNWUttNWFRNWNvdEp3VzQybGZjek5HaTViYmFEb1RZRFEyWkZQT2ZmTkp5R1NqRWF1R3ZrMW4vbkRVUEptcmhBYUViaU1sUUxZUlloRjMzVndBbGNVQW5aOHUrOTBySDFvQW55RUZMdDNsRHFxMDdKbitUNGVOVWZ4RmpMVmM1ck5qMzlrN0VQZVBZMnNsM1NpTWgrWTZEbU10S1llbUIrSlhKQmlEZW9Pdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
366514
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fem-br.diariodetocantins.com%2F&domain=em-br.diariodetocantins.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://em-br.diariodetocantins.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 24 Mar 2024 15:47:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
469344
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3D4E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
54279
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 24 Mar 2024 15:47:39 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 23 Feb 2024 06:02:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
573, 88902
X-Served-By
cache-lga13626-LGA, cache-yyz4527-YYZ
X-Timer
S1711295259.351512,VS0,VE0
/
csync.smilewanted.com/ Frame 5A08 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1450b21a6f1b2807726ebbeadbaf68bafbbf406c15209e5d903f17c9a262b7

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd0aaed94bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:39 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E908 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
54279
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 24 Mar 2024 15:47:39 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 23 Feb 2024 06:02:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
573, 88024
X-Served-By
cache-lga13626-LGA, cache-yyz4541-YYZ
X-Timer
S1711295259.351962,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 5059 		269 B
546 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.118.26 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-118-26.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Mar 2024 15:47:39 GMT
ETag
"28052a-10d-6142d69a886c0"
Last-Modified
Thu, 21 Mar 2024 15:32:19 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 5B3F 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1711295255546
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
f8fd7afac6b9fc70c4920ce18f179f6c34b73f7ee8c995e50cb1159599f6c461
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://em-br.diariodetocantins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1566
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
onetag-sys.com/match/ Frame 5B3F
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=onetag&ssp_user_id=v87qDxADyDdenCsyzRdPY9CPSZp-Ktz_cDmGeSYvF_s&gdpr=1&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=onetag&ssp_user_id=v87qDxADyDdenCsyzRdPY9CPSZp-Ktz_cDmGeSYvF_s&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=160&uid=bb5a3a8c-b7bf-4f68-9f29-d422c2b032b5
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=160&uid=bb5a3a8c-b7bf-4f68-9f29-d422c2b032b5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=160&uid=bb5a3a8c-b7bf-4f68-9f29-d422c2b032b5
date
Sun, 24 Mar 2024 15:47:39 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
onetag-sys.com/match/ Frame 5B3F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=c34d6600-4b14-4500-9d4f-fcfa994985b2&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=c34d6600-4b14-4500-9d4f-fcfa994985b2&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sun, 24 Mar 2024 15:47:39 GMT
Server
MT3 1549 cea2cde master iad iad-pixel-x23 config_version:"3549"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=c34d6600-4b14-4500-9d4f-fcfa994985b2&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 24 Mar 2024 15:47:38 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 5B3F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.90 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
69db7c5e2f600e97f8860add7135fe1e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 5B3F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4149761049826027824
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4149761049826027824
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:39 GMT
an-x-request-uuid
f650c94d-81cf-4944-a4cb-60fa2e2207b4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4149761049826027824
x-proxy-origin
96.9.246.195; 96.9.246.195; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 5B3F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=993e38d3ea708bfa6f1f832d2192ab8b&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=993e38d3ea708bfa6f1f832d2192ab8b&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 24 Mar 2024 15:47:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=993e38d3ea708bfa6f1f832d2192ab8b&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1711295259440088-1141
tap.php
pixel.rubiconproject.com/ Frame 5B3F 		42 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=v87qDxADyDdenCsyzRdPY9CPSZp-Ktz_cDmGeSYvF_s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 5B3F
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%5BUID%5D&gdpr=${GDPR}&gd...
  • https://onetag-sys.com/match/?int_id=164&gdpr=1&gdpr_consent=&uid=d9fe784a-a6c3-4f59-8c51-c922fc98c0f6
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=1&gdpr_consent=&uid=d9fe784a-a6c3-4f59-8c51-c922fc98c0f6
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 24 Mar 2024 15:47:39 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=1&gdpr_consent=&uid=d9fe784a-a6c3-4f59-8c51-c922fc98c0f6
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
sync
t.adx.opera.com/pub/ Frame 5B3F 		0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/pub/sync?pubid=pub10101531197440&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , United States, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:39 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5B3F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjnElYtxc6MSnc16Ue1ZTjKWWChrukdREYw&gdpr=1&gdpr_consent=
170 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjnElYtxc6MSnc16Ue1ZTjKWWChrukdREYw&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
H2
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjnElYtxc6MSnc16Ue1ZTjKWWChrukdREYw&gdpr=1&gdpr_consent=
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 5B3F 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.84 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:39 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5B3F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=v87qDxADyDdenCsyzRdPY9CPSZp-Ktz_cDmGeSYvF_s
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=v87qDxADyDdenCsyzRdPY9CPSZp-Ktz_cDmGeSYvF_s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Mar 2024 15:47:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2TFYZP8YN8F6WEC0MP1R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=v87qDxADyDdenCsyzRdPY9CPSZp-Ktz_cDmGeSYvF_s
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 5B3F 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.110 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:39 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5B3F 		170 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&gdpr=1&gdpr_consent=&google_cm
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 5B3F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%25%25VGUID%25%25
  • https://onetag-sys.com/match/?int_id=149&gdpr=1&gdpr_consent=&uid=F0VD3wKpNJfI&ev=1&us_privacy=&pid=562985
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=1&gdpr_consent=&uid=F0VD3wKpNJfI&ev=1&us_privacy=&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=1&gdpr_consent=&uid=F0VD3wKpNJfI&ev=1&us_privacy=&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7448ddfc97-dqrgr
expires
-1
/
onetag-sys.com/match/ Frame 5B3F
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=5ee115e76df611b0&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGLbHcLYi4IwN8dFFAAAAAAAA&expiration=1711381659
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGLbHcLYi4IwN8dFFAAAAAAAA&expiration=1711381659
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:39 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGLbHcLYi4IwN8dFFAAAAAAAA&expiration=1711381659
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
x.bidswitch.net/ Frame 5B3F 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=&user_id=v87qDxADyDdenCsyzRdPY9CPSZp-Ktz_cDmGeSYvF_s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1711295255546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 24 Mar 2024 15:47:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
async_usersync
ib.adnxs.com/ Frame E908 		0
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:39 GMT
an-x-request-uuid
849d6483-c003-4256-b15c-d0b1f9b130e7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.246.195; 96.9.246.195; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3D4E 		0
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:39 GMT
an-x-request-uuid
1699dca2-3df4-4d51-909a-3feb855118db
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.246.195; 96.9.246.195; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 5A08 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
189332
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8697cd0bff584bd3-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=k7CJ-3xnMm1tRTJMcUZqS0hSUXErZ2FMampoT2pEcmNUMGFHQXZPbWxDOUdHL1h1TExkN1lSSXlEUjR2bEE5MWtZWEZRMlEwbW52Z0EvVEpnRjRnVVhNM1d3TjY0ZTBFQW51WXlKK1hiVFFNV2QxZ0RNWUttNWFRNWNvdEp3VzQybGZjek5HaTViYmFEb1RZRFEyWkZQT2ZmTkp5R1NqRWF1R3ZrMW4vbkRVUEptcmhBYUViaU1sUUxZUlloRjMzVndBbGNVQW5aOHUrOTBySDFvQW55RUZMdDNsRHFxMDdKbitUNGVOVWZ4RmpMVmM1ck5qMzlrN0VQZVBZMnNsM1NpTWgrWTZEbU10S1llbUIrSlhKQmlEZW9Pdz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 24 Mar 2024 15:47:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
382869
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame EDF5 		0
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd0c4f794bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:39 GMT
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 5059 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.118.26 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-118-26.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5f5fc2c8972558cfc1089d10cdf619e85e5ba2ea35665984323c85e36857d4f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 24 Mar 2024 15:47:39 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Mar 2024 21:51:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21846
Connection
keep-alive
Content-Length
10976
Expires
Sun, 24 Mar 2024 21:51:45 GMT
9130551284904746
csync.smilewanted.com/set_partner_userid_get/smart/ Frame CFCE
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/9130551284904746
0
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/9130551284904746
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd0ff8b44bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Sun, 24 Mar 2024 15:47:39 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/9130551284904746
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
4149761049826027824
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame A093
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/4149761049826027824
0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/4149761049826027824
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd0d2fc84bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
c547f4f0-cce1-4d28-a733-f56e860b15ee
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 15:47:39 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/4149761049826027824
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
96.9.246.195; 96.9.246.195; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 5059 		7 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
Expires
0
LU5P0E09-20-9KBR
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 68EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LU5P0E09-20-9KBR?gdpr=0
0
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LU5P0E09-20-9KBR?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd0d5fd84bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LU5P0E09-20-9KBR?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
f69a50991384d09413b97a37bb74928b
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ACF0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.33.14 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-33-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c861dd92be984fe498ece34c0f3c921861ac51bfee50323fcae21231abf7a82b

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103487
content-encoding
gzip
content-length
5685
content-type
text/html
date
Sun, 24 Mar 2024 15:47:39 GMT
expires
Mon, 25 Mar 2024 20:32:26 GMT
last-modified
Tue, 13 Feb 2024 04:57:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
eda0faf5-8a50-44a0-9343-406524457b32&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame A45D
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/eda0faf5-8a50-44a0-9343-406524457b32&partner_id=1010
0
455 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/eda0faf5-8a50-44a0-9343-406524457b32&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd0ec8494bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Sun, 24 Mar 2024 15:47:39 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/eda0faf5-8a50-44a0-9343-406524457b32&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
4ed5b5f8-898b-4e4a-a251-4540e4b19067
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 87FE
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/4ed5b5f8-898b-4e4a-a251-4540e4b19067
0
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/4ed5b5f8-898b-4e4a-a251-4540e4b19067
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd0f08584bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Sun, 24 Mar 2024 15:47:39 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/4ed5b5f8-898b-4e4a-a251-4540e4b19067
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
PugMaster
image6.pubmatic.com/AdServer/ Frame ACF0 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85203913&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.181 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3c46bfd4e0d7acf4ad7fb8682de470bbf4e40c3b1a182cd10589092f277f686d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
IYAzALZHr3c3VmtaQJKuzN5p
csync.smilewanted.com/set_partner_userid_get/sovrn/ Frame CB34
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID&sovrn_retry=true
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/IYAzALZHr3c3VmtaQJKuzN5p
0
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/sovrn/IYAzALZHr3c3VmtaQJKuzN5p
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd0f887f4bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
content-length
0
date
Sun, 24 Mar 2024 15:47:40 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/sovrn/IYAzALZHr3c3VmtaQJKuzN5p
4786378512614543458
csync.smilewanted.com/set_partner_userid_get/adform/ Frame EBE1
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://cm.adform.net/cookie?CC=1&redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4786378512614543458
0
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/4786378512614543458
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd11c94a4bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Sun, 24 Mar 2024 15:47:40 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/4786378512614543458
server
nginx
pixel
cm.g.doubleclick.net/ Frame 5059
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGQ0NzU1ZWNjMWVhMjQyOTg4YmRjNzQwOWYzMmIyNDNlYWZlMmVjZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGQ0NzU1ZWNjMWVhMjQyOTg4YmRjNzQwOWYzMmIyNDNlYWZlMmVjZQ
Protocol
H3
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGQ0NzU1ZWNjMWVhMjQyOTg4YmRjNzQwOWYzMmIyNDNlYWZlMmVjZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 5059
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LU5P0E09-20-9KBR&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LU5P0E09-20-9KBR&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Mar 2024 15:47:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QN3C02K84E1NW0T4BGRC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LU5P0E09-20-9KBR&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
82a6cabd8b3f0d2d2ae6e86e2699f0ba
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 5059
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ppTyLluuIN3ol8VLGxDBKcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-avjQ.nVE2oJZjGXivhyRknrRP2tD2K_yC_WdVw--~A
42 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-avjQ.nVE2oJZjGXivhyRknrRP2tD2K_yC_WdVw--~A
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 24 Mar 2024 15:47:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-avjQ.nVE2oJZjGXivhyRknrRP2tD2K_yC_WdVw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 5059
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://match.adsrvr.org/track/cmb/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c9ad7683-3a73-484f-8bef-0e077d42ee57&gdpr=0&gdpr_consent=&expires=30
42 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c9ad7683-3a73-484f-8bef-0e077d42ee57&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c9ad7683-3a73-484f-8bef-0e077d42ee57&gdpr=0&gdpr_consent=&expires=30
date
Sun, 24 Mar 2024 15:47:40 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 5059
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFU1UDBFMDktMjAtOUtCUg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBON28VJVGGQ0T5fLFY7hmg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFU1UDBFMDktMjAtOUtCUg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFU1UDBFMDktMjAtOUtCUg==&google_push=
Protocol
H3
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFU1UDBFMDktMjAtOUtCUg==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
82a6cabd8b3f0d2d2ae6e86e2699f0ba
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5059
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3tXDJw5JS5e5l4utpeLMqw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3tXDJw5JS5e5l4utpeLMqw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3tXDJw5JS5e5l4utpeLMqw
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Mar 2024 15:47:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AW8EQ069X9FGQM5HMPZA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3tXDJw5JS5e5l4utpeLMqw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 5059
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=q98lGczWTAGfviqFZ74TnA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=q98lGczWTAGfviqFZ74TnA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=q98lGczWTAGfviqFZ74TnA
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Mar 2024 15:47:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7GDW4M26JT40M55RHW3X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=q98lGczWTAGfviqFZ74TnA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 5059
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LU5P0E09-20-9KBR
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LU5P0E09-20-9KBR
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:39 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7AFF19AEF63D4FD189A816C0ABBA8B64 Ref B: EWR311000107009 Ref C: 2024-03-24T15:47:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYUafoXJm3r0/TfOWgw9g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LU5P0E09-20-9KBR
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5059
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGXcHNJAlY6XcZ3dqSYVQJA&google_cver=1
42 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGXcHNJAlY6XcZ3dqSYVQJA&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGXcHNJAlY6XcZ3dqSYVQJA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5059
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFMLk7MAJYAABSwYD5LgQ&expires=30
42 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFMLk7MAJYAABSwYD5LgQ&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFMLk7MAJYAABSwYD5LgQ&expires=30
Date
Sun, 24 Mar 2024 15:47:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 5059
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LU5P0E09-20-9KBR
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LU5P0E09-20-9KBR
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LU5P0E09-20-9KBR
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sun, 24 Mar 2024 15:47:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LU5P0E09-20-9KBR
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 5059
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LU5P0E09-20-9KBR
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LU5P0E09-20-9KBR
Protocol
H2
Server
3.208.192.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-192-93.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Sun, 24 Mar 2024 15:47:40 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LU5P0E09-20-9KBR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 5059
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4769d0af-d0e3-41e7-bd3c-3c0f821a2c29&expires=30
42 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4769d0af-d0e3-41e7-bd3c-3c0f821a2c29&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4769d0af-d0e3-41e7-bd3c-3c0f821a2c29&expires=30
Date
Sun, 24 Mar 2024 15:47:40 GMT
Connection
keep-alive
X-CI-RTID
41038ea6-6d36-4861-8bbb-62548b0a6e59
Content-Length
144
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 5059
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LU5P0E09-20-9KBR
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LU5P0E09-20-9KBR
Protocol
H2
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:40 GMT
an-x-request-uuid
0b344918-4106-4be5-bbaa-c1039bdb4b7b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.246.195; 96.9.246.195; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LU5P0E09-20-9KBR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 5059
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LU5P0E09-20-9KBR
0
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LU5P0E09-20-9KBR
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:40 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LU5P0E09-20-9KBR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
v1
match.sharethrough.com/sync/ Frame 5059
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LU5P0E09-20-9KBR
68 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LU5P0E09-20-9KBR
Protocol
H2
Server
54.236.181.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-181-83.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:40 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LU5P0E09-20-9KBR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
8831cf33-af7e-4001-89ff-3573a60f5628
csync.smilewanted.com/set_partner_userid_get/adwmg/ Frame 7979
Redirect Chain
  • https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CON...
  • https://csync.smilewanted.com/set_partner_userid_get/adwmg/8831cf33-af7e-4001-89ff-3573a60f5628
0
465 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adwmg/8831cf33-af7e-4001-89ff-3573a60f5628
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd0f68734bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Mar 2024 15:47:40 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/adwmg/8831cf33-af7e-4001-89ff-3573a60f5628
Pragma
no-cache
Server
nginx
dcm
s.amazon-adsystem.com/ Frame 676A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=15B728CE-C9ED-446D-A3E3-69DAF01C123B&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=15B728CE-C9ED-446D-A3E3-69DAF01C123B&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=15B728CE-C9ED-446D-A3E3-69DAF01C123B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Mar 2024 15:47:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
QKZG2PZ1NX40ZTB6RD46

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Mar 2024 15:47:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=15B728CE-C9ED-446D-A3E3-69DAF01C123B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
17TWDN1HK92ME85PAXPD
Pug
simage2.pubmatic.com/AdServer/ Frame 60BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4149761049826027824&gdpr=0&gdpr_consent=
42 B
317 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4149761049826027824&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Mar 2024 15:47:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
4623d264-b9a8-4733-903c-a85af611f4e0
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 15:47:40 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4149761049826027824&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
96.9.246.195; 96.9.246.195; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 3FD0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHeHkwN01BSllBQUJTZE4wUWdZZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFMLk7MAJYAABSwYD5LgQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=9130551284904746&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AAFMLk7MAJYAABSwYD5LgQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9130551284904746%26gdpr%3D0%26gdpr_consent...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9130551284904746&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://bh.contextweb.com/bh/rtset?ev=AAFMLk7MAJYAABSwYD5LgQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9130551284904746%26gdpr%3D0%26bee_sync_partn...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9130551284904746&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAFMLk7MAJYAABSwYD5LgQ&p...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMLk7MAJYAABSwYD5LgQ&gdpr=0
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMLk7MAJYAABSwYD5LgQ&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Mar 2024 15:47:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 24 Mar 2024 15:47:40 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFMLk7MAJYAABSwYD5LgQ&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
15B728CE-C9ED-446D-A3E3-69DAF01C123B
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 924F 		0
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/15B728CE-C9ED-446D-A3E3-69DAF01C123B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd0ef8564bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:40 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ACF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FbcozsntRG2j42na8BwSOw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
23.39.33.14 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-33-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:40 GMT
content-encoding
gzip
last-modified
Tue, 13 Feb 2024 04:57:54 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=103486
accept-ranges
bytes
content-length
5685
expires
Mon, 25 Mar 2024 20:32:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame ACF0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=15B728CE-C9ED-446D-A3E3-69DAF01C123B
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=15B728CE-C9ED-446D-A3E3-69DAF01C123B
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2c4f1460-f954-451d-afb5-8afd57370489%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c9ad7683-3a73-484f-8bef-0e077d42ee57&ttd_puid=2c4f1460-f954-451d-afb5-8afd57370489%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c9ad7683-3a73-484f-8bef-0e077d42ee57&ttd_puid=2c4f1460-f954-451d-afb5-8afd57370489%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c9ad7683-3a73-484f-8bef-0e077d42ee57&ttd_puid=2c4f1460-f954-451d-afb5-8afd57370489%2C%2C
date
Sun, 24 Mar 2024 15:47:40 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame ACF0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2015B728CE-C9ED-446D-A3E3-69DAF01C123B&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame ACF0
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=15B728CE-C9ED-446D-A3E3-69DAF01C123B&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=15B728CE-C9ED-446D-A3E3-69DAF01C123B&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=15B728CE-C9ED-446D-A3E3-69DAF01C123B&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 24 Mar 2024 15:47:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=15B728CE-C9ED-446D-A3E3-69DAF01C123B&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Sun, 24 Mar 2024 15:47:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame ACF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTVCNzI4Q0UtQzlFRC00NDZELUEzRTMtNjlEQUYwMUMxMjNC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Mar 2024 15:47:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame ACF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELshDM4lV9yXHvTFFMxXt7I&google_cver=1
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELshDM4lV9yXHvTFFMxXt7I&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Mar 2024 15:47:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELshDM4lV9yXHvTFFMxXt7I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame ACF0
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:652CDEFEC8A248CE8DF78CB0F4F5DAFA
42 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:652CDEFEC8A248CE8DF78CB0F4F5DAFA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Mar 2024 15:47:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 24 Mar 2024 15:47:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:652CDEFEC8A248CE8DF78CB0F4F5DAFA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 23 Mar 2024 15:47:40 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame ACF0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c9ad7683-3a73-484f-8bef-0e077d42ee57&gdpr=0&gdpr_consent=
42 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c9ad7683-3a73-484f-8bef-0e077d42ee57&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Mar 2024 15:47:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c9ad7683-3a73-484f-8bef-0e077d42ee57&gdpr=0&gdpr_consent=
date
Sun, 24 Mar 2024 15:47:40 GMT
server
Kestrel
content-length
355
15B728CE-C9ED-446D-A3E3-69DAF01C123B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame ACF0 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/15B728CE-C9ED-446D-A3E3-69DAF01C123B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:d643:b640:6740:33e1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame ACF0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=15B728CE-C9ED-446D-A3E3-69DAF01C123B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QXBPGYhE2uXwVMkIb9HVawhBRw35oNw-~A&gdpr=0
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QXBPGYhE2uXwVMkIb9HVawhBRw35oNw-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QXBPGYhE2uXwVMkIb9HVawhBRw35oNw-~A&gdpr=0
date
Sun, 24 Mar 2024 15:47:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.106
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame ACF0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b3d30c3e-1b62-4b00-a5ad-f34dec10bcf1&gdpr=0&gdpr_consent=
1 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b3d30c3e-1b62-4b00-a5ad-f34dec10bcf1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 15:47:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b3d30c3e-1b62-4b00-a5ad-f34dec10bcf1&gdpr=0&gdpr_consent=
Date
Sun, 24 Mar 2024 15:47:40 GMT
Connection
keep-alive
X-CI-RTID
0b1c5c96-2227-4f8a-875f-3d162c60733c
Content-Length
205
Content-Type
text/html; charset=utf-8
153adc3935
csync.smilewanted.com/set_partner_userid_get/smaato/ Frame DB7B
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/smaato/153adc3935
0
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smaato/153adc3935
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8697cd0ff8a64bd3-BUF
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 15:47:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

age
20
cache-control
no-cache, must-revalidate
content-length
0
date
Sun, 24 Mar 2024 15:47:20 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smaato/153adc3935
server
CloudFront
via
1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
x-amz-cf-id
_ZkRVXDtTTwjTSx8SCQpcB1vHTwdCffI_Cj_UyigUrew4Wl2ahdL7Q==
x-amz-cf-pop
YUL62-C2
x-cache
Hit from cloudfront
async_usersync
ib.adnxs.com/ Frame E908 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:40 GMT
an-x-request-uuid
762eb7f9-1f61-4d1d-9214-827ff6f5d6eb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.246.195; 96.9.246.195; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3D4E 		0
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:40 GMT
an-x-request-uuid
7d62d985-2e29-4103-9361-65694d39a426
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.246.195; 96.9.246.195; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
92306955
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/92306955?wv-part=1&wv-type=7&wmode=0&wv-hit=142179456&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&rn=562497465&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1711295261%3Aw%3A1600x1200%3Av%3A1272%3Az%3A-600%3Ai%3A20240324054741%3Au%3A1711295257538992745%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Ast%3A1711295261&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:42 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 24-Mar-2024 15:47:42 GMT
content-type
image/gif
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 24-Mar-2024 15:47:42 GMT
92306955
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/92306955?wv-part=1&wv-type=7&wmode=0&wv-hit=142179456&page-url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&rn=935846193&browser-info=we%3A1%3Aet%3A1711295261%3Aw%3A1600x1200%3Av%3A1272%3Az%3A-600%3Ai%3A20240324054741%3Au%3A1711295257538992745%3Avf%3A1gvp3hi7cp7u4omzq6bwnhyvv%3Ast%3A1711295261&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://em-br.diariodetocantins.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:47:41 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 24-Mar-2024 15:47:41 GMT
content-type
image/gif
access-control-allow-origin
https://em-br.diariodetocantins.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 24-Mar-2024 15:47:41 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame ACF0 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:47:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.google.com
URL
https://s.google.com/gsi/client

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| $ function| jQuery boolean| emVia5news object| f object| dataLayer object| googletag string| diretoriodfp object| slotdfp object| slotdfpbtf object| slotdfpofp number| indexformats object| viewable undefined| staticSlot string| o object| a object| b function| Navegg object| naveggReady object| nvg89454 object| apstag number| PREBID_TIMEOUT object| pbjs function| refreshSlot function| executeParallelAuctionAlongsidePrebid boolean| emVia5newsCapa object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing function| getDAAUUID object| logged string| resp object| google_reactive_ads_global_state number| google_unique_id object| gaGlobal object| google_tag_manager object| iframe object| _ttprofiles object| banner object| btn object| bannerCookie string| cookie object| cookieList object| _aps boolean| apstagLOADED object| apscustom function| nvgGetSegment function| ltgc function| onYouTubeIframeAPIReady object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| TTTagManager function| TTTagManagerError object| _ttq string| version function| TTProfilesBase function| ttProfilesBaseE object| _ttsHolder object| btnClsAncor object| ancorado string| product_id function| fbAsyncInit object| AppleID object| FB function| reloadPageTimer object| __buffer function| ym object| regeneratorRuntime string| _uid object| AltPushPush object| AltPush object| Morath string| n object| cmds object| _ttconversion object| ttcNamespace string| event_from string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| gtag function| TTBase function| ttBaseE object| _ttqHolder string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| Ya object| yaCounter92138039 object| yaCounter92306955 object| yaCounter92138145 object| GoogleGcLKhOms object| google_image_requests

167 Cookies

Domain/Path Name / Value
em-br.diariodetocantins.com/_templates/em/assets/javascripts/widgets Name: view
Value: 1
em-br.diariodetocantins.com/_midias/parceirosHardnews/20240324 Name: view
Value: 1
em-br.diariodetocantins.com/_midias/entretenimento/20240324 Name: view
Value: 1
em-br.diariodetocantins.com/_midias/noataque/20240324 Name: view
Value: 1
em-br.diariodetocantins.com/frontend/assets/scripts Name: view
Value: 1
em-br.diariodetocantins.com/_midias/aqui/20240324 Name: view
Value: 1
em-br.diariodetocantins.com/static/fonts Name: view
Value: 1
em-br.diariodetocantins.com/static/css Name: view
Value: 1
em-br.diariodetocantins.com/static/js Name: view
Value: 1
em-br.diariodetocantins.com/ Name: view
Value: 1
em-br.diariodetocantins.com/ Name: PHPSESSID
Value: 6qa9guiolrc39dmq7fnvmjkfns
.navdmp.com/ Name: ac3
Value: 1
.diariodetocantins.com/ Name: __gads
Value: ID=30e4712c39b09385:T=1711295251:RT=1711295251:S=ALNI_MZuEPB11qPtvUeb2Ed3nAOuRC0yBg
.diariodetocantins.com/ Name: __gpi
Value: UID=00000dd537c17569:T=1711295251:RT=1711295251:S=ALNI_Mb-GpcR9hA4sUQCHxggzLJqs0-v3Q
.diariodetocantins.com/ Name: __eoi
Value: ID=a7c429d4bdc5fbac:T=1711295251:RT=1711295251:S=AA-AfjbroHEGM4IhwcxWsHtWqCYd
.navdmp.com/ Name: nid
Value: 145a7a616daf0149190d0f41b310|1|114
.diariodetocantins.com/ Name: _ga_KFBFMPM6S4
Value: GS1.1.1711295252.1.0.1711295252.60.0.0
.diariodetocantins.com/ Name: nvg89454
Value: 145a7a616dfbf8dd69d8d0d95710|0_85
.doubleclick.net/ Name: IDE
Value: AHWqTUmtYyhDwkGjWX4NM_LI8uwbt1fmWdR43Q64V5u09GvO8gYgSic1IMkgwtBhJsE
.mathtag.com/ Name: uuid
Value: c34d6600-4b14-4500-9d4f-fcfa994985b2
.yahoo.com/ Name: A3
Value: d=AQABBBRLAGYCEJrmXEIDTzDxUVhTybhwmYAFEgEBAQGcAWYKZtxH0iMA_eMAAA&S=AQAAAoA2H6pBaXsXxzR0zIAh3Z0
.t.tailtarget.com/ Name: u
Value: fwAAAWYASxRTbwatMXt+AgB=
.t.tailtarget.com/ Name: _ssc
Value: y
em-br.diariodetocantins.com/ Name: _ttqprofiles
Value: {"age":"","equipment":"","customaudience":[],"gender":"","microsegments":[],"profiles":["na"],"socialclass":"","subjects":[],"team":""}
.denakop.com/ Name: uxid
Value: BCFehjrYQpu3uybohKQbnQ%2F0
em-br.diariodetocantins.com/ Name: tt_c_vmt
Value: 1711295255
em-br.diariodetocantins.com/ Name: tt_c_c
Value: direct
em-br.diariodetocantins.com/ Name: tt_c_s
Value: direct
em-br.diariodetocantins.com/ Name: tt_c_m
Value: direct
em-br.diariodetocantins.com/ Name: tt.u
Value: 0100007F144B0066AD066F53027E7B31
.t.tailtarget.com/ Name: ttbprf
Value: _buffalo_new york_us_1711295255375_1611265731
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
em-br.diariodetocantins.com/ Name: tt.nprf
Value:
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.tt-11382-4.seg.t.tailtarget.com/ Name: ttca
Value: _1711295255
.rubiconproject.com/ Name: khaos
Value: LU5P0E09-20-9KBR
.em-br.diariodetocantins.com/ Name: _ttdmp
Value: |LS:
.vmuid.com/ Name: guid
Value: d55ad106-ed18-4032-b529-5605c54b00b7
record.betsson.com/ Name: VID1
Value: KixTJFgtI0RYLEMoUixAYGAKYAo%3D
.betsson.com/ Name: ZBan
Value: h_YD3EAcVQ6jwNHOmFhywmNd7ZgqdRLk
pupspu.com/ Name: av_sw_hit
Value: 1
em-br.diariodetocantins.com/ Name: prefix_views_counter
Value: 1
em-br.diariodetocantins.com/ Name: _ttuu.s
Value: 1711295256268
.diariodetocantins.com/ Name: _ga
Value: GA1.2.1584523209.1711295252
.diariodetocantins.com/ Name: _gid
Value: GA1.2.959795846.1711295257
.tt-10258-0.seg.t.tailtarget.com/ Name: ttca
Value: _1711295256
.yandex.ru/ Name: i
Value: 1cEsbUQpJ1ztE/LTrSm2aeadqmTgKrqwYnr5WZ6ajpfbQUDfwg+AX42MTodDUIGFOSk47FuvuM/PAvrZGo6eBrkJ1jc=
.yandex.ru/ Name: yandexuid
Value: 6799604901711295256
.yandex.ru/ Name: yashr
Value: 221491281711295256
.t.tailtarget.com/ Name: n
Value: 1711295256
.diariodetocantins.com/ Name: _ym_uid
Value: 1711295257538992745
.diariodetocantins.com/ Name: _ym_d
Value: 1711295257
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 4157899109fake
.yandex.com/ Name: yashr
Value: 1120725971711295257
.diariodetocantins.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2408480761fake
.yandex.com/ Name: yandexuid
Value: 6799604901711295256
.yandex.com/ Name: yuidss
Value: 6799604901711295256
.yandex.com/ Name: i
Value: 1cEsbUQpJ1ztE/LTrSm2aeadqmTgKrqwYnr5WZ6ajpfbQUDfwg+AX42MTodDUIGFOSk47FuvuM/PAvrZGo6eBrkJ1jc=
.yandex.com/ Name: yp
Value: 1711381657.yu.5829986051711295257
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.com/ Name: ymex
Value: 1713887257.oyu.5829986051711295257#1742831257.yrts.1711295257
.yandex.com/ Name: bh
Value: KgI/MA==
mc.yandex.com/ Name: yabs-sid
Value: 1932071961711295257
.diariodetocantins.com/ Name: _ym_visorc
Value: w
.onetag-sys.com/ Name: OTP
Value: v87qDxADyDdenCsyzRdPY9CPSZp-Ktz_cDmGeSYvF_s
.adnxs.com/ Name: XANDR_PANID
Value: fWOsh7ACF8RUdRPNBjuNgxR4uWHqiXh25bvUgGUnrckMcHKCI5svhBzbqzEdjKK2ToRme1KK5rSl-ppxHe1n1cYfKUncxB7ulzl39KSNoDA.
.adnxs.com/ Name: uuid2
Value: 4149761049826027824
.contextweb.com/ Name: V
Value: F0VD3wKpNJfI
.contextweb.com/ Name: VP
Value: part_F0VD3wKpNJfI
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 871caddf74e96914
.ads.stickyadstv.com/ Name: UID
Value: 993e38d3ea708bfa6f1f832d2192ab8b
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.admanmedia.com/ Name: admtr
Value: d9fe784a-a6c3-4f59-8c51-c922fc98c0f6
.admanmedia.com/ Name: ac_r
Value: CS253
.mfadsrvr.com/ Name: tuuid
Value: bb5a3a8c-b7bf-4f68-9f29-d422c2b032b5
.mfadsrvr.com/ Name: c
Value: 1711295259
.mfadsrvr.com/ Name: tuuid_lu
Value: 1711295259
.mfadsrvr.com/ Name: ssh
Value: !onetag,1711295259
.adx.opera.com/ Name: UID
Value: OPU692b9e3161d646a4bfca53d212c7af14
.criteo.com/ Name: partitioned_bundle
Value: u-wPZl8wNWxLejI4YmJScGw4YmJGalJCcURNJTJGeW5QY0JSNEwwQXBzSmlmOHI4SnlDbHpVaWs2MHdCcFdKZmlyank4V2o0ZG1VT20lMkZ5bnFnd3NtNzhDOW1wRHRvV3BLejJRbHUwMGI3VGNtN2U4M1FJaTFVWE9pUEE3ZURLS01Ub2lYSXVYUTFTdyUyQklIVUNFWWNiTTc4dUVkRFdKTkRSZVdNM1glMkZmRENJOFFScG5XQSUzRA
.diariodetocantins.com/ Name: cto_bundle
Value: wvLctV8wNWxLejI4YmJScGw4YmJGalJCcURNJTJGeW5QY0JSNEwwQXBzSmlmOHI4SnlDbHpVaWs2MHdCcFdKZmlyank4V2o0ZG1VT20lMkZ5bnFnd3NtNzhDOW1wRHRvV3BLejJRbHUwMGI3VGNtN2U4M1FxakVPeXJpYzRrSDg4OFEyNmJPSGg
.diariodetocantins.com/ Name: cto_bidid
Value: AKDvl19zV2FtS1g1YlVoZHNSYjhjRDduc3k2SWhmRnRScW1ER2pMRGVnRkhWWkpCYndZRWQlMkZDRHZ3cUk4blFrMGclMkJvVEg1TWkzSFU3ajdxUURSZ0pnR2toY1R4Y25zU3NZdE1MTGRDRWM5RlNpcEElM0Q
.dotomi.com/ Name: DotomiTest
Value: 5ee115e76df611b0
.ads.pubmatic.com/ Name: KCCH
Value: YES
.360yield.com/ Name: tuuid
Value: eda0faf5-8a50-44a0-9343-406524457b32
.360yield.com/ Name: tuuid_lu
Value: 1711295259
.openx.net/ Name: i
Value: 38334837-1069-4f23-bef2-4a44fe2a0be8|1711295259
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 15B728CE-C9ED-446D-A3E3-69DAF01C123B
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158810:2
.pubmatic.com/ Name: DPSync3
Value: 1712448000%3A201_263%7C1711324800%3A248%7C1711843200%3A265
.pubmatic.com/ Name: SyncRTB3
Value: 1711843200%3A223%7C1712448000%3A166_21_54_250_3_104_220_13_71
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2hh3
.lijit.com/ Name: ljt_reader
Value: IYAzALZHr3c3VmtaQJKuzN5p
.shb-sync.com/ Name: smart_usr
Value: 8831cf33-af7e-4001-89ff-3573a60f5628
.shb-sync.com/ Name: smart_r
Value: 33333
.adsrvr.org/ Name: TDID
Value: c9ad7683-3a73-484f-8bef-0e077d42ee57
.simpli.fi/ Name: suid
Value: 652CDEFEC8A248CE8DF78CB0F4F5DAFA
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.3lift.com/ Name: tluidp
Value: 1076616892730146088391
.3lift.com/ Name: tluid
Value: 1076616892730146088391
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.smaato.net/ Name: SCM
Value: 153adc3935
.smaato.net/ Name: SCMsmile
Value: 153adc3935
.smartadserver.com/ Name: pid
Value: 9130551284904746
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELshDM4lV9yXHvTFFMxXt7I&KRTB&23025-CAESELshDM4lV9yXHvTFFMxXt7I&KRTB&23386-CAESELshDM4lV9yXHvTFFMxXt7I
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:652CDEFEC8A248CE8DF78CB0F4F5DAFA&KRTB&23486-uid:652CDEFEC8A248CE8DF78CB0F4F5DAFA&KRTB&23489-uid:652CDEFEC8A248CE8DF78CB0F4F5DAFA&KRTB&23539-uid:652CDEFEC8A248CE8DF78CB0F4F5DAFA
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AAFMLk7MAJYAABSwYD5LgQ
.ipredictive.com/ Name: cu
Value: 4769d0af-d0e3-41e7-bd3c-3c0f821a2c29|1711295260181
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjm_9TN-IjmPBAFEhQKBXRhcGFkEgsImK6vzviI5jwQBRgBIAEoAjILCNKksvuOieY8EAU4AVoFdGFwYWRgAg..
.lijit.com/ Name: _ljtrtb_80
Value: LU5P0E09-20-9KBR
.tapad.com/ Name: TapAd_TS
Value: 1711295260255
.tapad.com/ Name: TapAd_DID
Value: c9ad7683-3a73-484f-8bef-0e077d42ee57
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!2031
.pubmatic.com/ Name: SPugT
Value: 1711295259
.linkedin.com/ Name: bcookie
Value: "v=2&0882f363-fdcd-4c8a-82f0-471f993139c9"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3229:u=1:x=1:i=1711295260:t=1711381660:v=2:sig=AQEa5vCTvblQq9HBBBqe-quoFeP_byCt"
.adform.net/ Name: C
Value: 1
.smartadserver.com/ Name: csync
Value: 127:AAFMLk7MAJYAABSwYD5LgQ
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2GTu>#)4h!@wnf-Te9(S@mqC2lWGcn#OnHD/Ti0[KC'?G`*7$/Z[p:nx'GNP-HC_#u#F3(*4J]
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxVNVAwRTA5LTIwLTlLQlIiLCJleHBpcmVzIjoiMjAyNC0wNi0yMlQxNTo0Nzo0MFoifX0sImJpcnRoZGF5IjoiMjAyNC0wMy0yNFQxNTo0Nzo0MFoifQ==
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-b3d30c3e-1b62-4b00-a5ad-f34dec10bcf1&KRTB&23011-b3d30c3e-1b62-4b00-a5ad-f34dec10bcf1&KRTB&23355-b3d30c3e-1b62-4b00-a5ad-f34dec10bcf1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4149761049826027824&KRTB&23339-4149761049826027824
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-c9ad7683-3a73-484f-8bef-0e077d42ee57&KRTB&22918-c9ad7683-3a73-484f-8bef-0e077d42ee57&KRTB&22926-c9ad7683-3a73-484f-8bef-0e077d42ee57&KRTB&23031-c9ad7683-3a73-484f-8bef-0e077d42ee57
.adform.net/ Name: uid
Value: 4786378512614543458
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 7b45e699-b68a-4ef9-8659-2096d3526e96
.prebid.a-mo.net/ Name: sd_amuid2
Value: 7b45e699-b68a-4ef9-8659-2096d3526e96
.sharethrough.com/ Name: stx_user_id
Value: 55f54f85-7d5d-4b07-b13f-6854a2f03e1d
.technoratimedia.com/ Name: tads_uidp_16
Value: 1547975003335
.technoratimedia.com/ Name: tads_uidp_37
Value: 7d7a2b4f-b237-3be0-ac2b-ac6ecaf67388
.technoratimedia.com/ Name: tads_uidp_44
Value: LU5NJPGV-5-K9YR
.technoratimedia.com/ Name: tads_uidp_45
Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/ Name: tads_uidp_46
Value: 4665166699852764841
.technoratimedia.com/ Name: tads_uidp_48
Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAF6SCcweY1NwNMRGtwAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 6ccead0a-36e7-0935-2c3e-21014d54bebb
.technoratimedia.com/ Name: tads_uidp_61
Value: 212524037939628
.technoratimedia.com/ Name: tads_uidp_62
Value: 3542943996634798000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: q9m5kbi2peSlDzo4ipZ3dSWcQtnVXGJw
.technoratimedia.com/ Name: tads_uidp_7
Value: 7c14800e-f734-4e38-8570-1cf83b493bc6
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFMLk7MAJYAABSwYD5LgQ
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-3130630e-0fc1-4310-bbea-4e8f0dfd25df-005
.technoratimedia.com/ Name: tads_uidp_77
Value: DgjAI1F3qeI6sdNN51nNfPG5xHwUfJqsKzTqD48eipo
.technoratimedia.com/ Name: tads_uidp_79
Value: 6b6bd0eb-4f38-4f9a-b264-d496bc81c56f
.technoratimedia.com/ Name: tads_uidp_80
Value: y-dC9j3YxE2uFtWPqw8aG5yUehJ_5DxtZY~A
.technoratimedia.com/ Name: tads_uidp_82
Value: Zf4OjdHM6JoAACoLAJp-tQAA&3402
.technoratimedia.com/ Name: tads_uidp_83
Value: ELWDeiSWkKiw
.technoratimedia.com/ Name: tads_uidp_88
Value: 346744910557632631452
.technoratimedia.com/ Name: tads_uidp_90
Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/ Name: tads_uidp_91
Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/ Name: tads_uid
Value: 7F8B1680BA3D4622B67958EAE77826E1
.technoratimedia.com/ Name: tads_uid_cd
Value: 20240124064325+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1693142250488
.amazon-adsystem.com/ Name: ad-id
Value: Az0onwffV08ksDq96WoGugY
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bERKPQl2DMtRlYvo2XO8wv+z0QnGM0pmGSgfC7pVBxQZaiKpykQ1GnKRvLiWoedOG8jL9pOXZqPVmnxmmvonHxRPv1CeJBev9TtgusgJ4eYjNabrui6F/DUpmvllXEtYN4=
.smilewanted.com/ Name: sw_user_params_infos
Value: %2FBEk6F7IyOdkB%2FnQIS3RvluhlhaPJevobzLaNrVXtLkicW8tByRmK9CMbV7DKMbvxSFpPWqsfsfQmTn6uGX9f%2FA0yJvhgStNK8HFB33t5wEX%2FRmrsEq1scQpKSU221dsn2PGoCeE0GQpj0SG0UJCqwnSwCzCh3JHi3%2BhP%2BCkBTNmSgUs3V7mtjxAYyK8i1hlH3GnsiaZbPnndFWOeMGSAWG2SWrcV4L9J3me4MbIMHZDU3p2T8f96PPF8b1mgwT2FhSJr9Snt22npHcmjZVGDFJ570RF1Ej9zm%2FK%2F%2FRQkSxmfePgdC5%2BKZLICpJ3%2FgdFJdu4WkDuXiDSpxq8Xdu%2F9A%3D%3D
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1qey|7dN.0.AAFMLk7MAJYAABSwYD5LgQ
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1qey|7dN.0.AAFMLk7MAJYAABSwYD5LgQ
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFMLk7MAJYAABSwYD5LgQ
.pubmatic.com/ Name: PugT
Value: 1711295260

672 Console Messages

Source Level URL
Text
network error URL: https://s.google.com/gsi/client
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://demiseskill.com/a0/32/b4/a032b4d33c8aea68a4f9b84235614bff.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://demiseskill.com/22/00/54/2200540f09f939738419313a1a090c32.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://survey.g.doubleclick.net/survey?site=_koy77ud4ochgasubjk5frm3ksy&url=https%3A%2F%2Fem-br.diariodetocantins.com%2F&cid=everything&random=1711295251270
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.flipar.com.br/wp-content/s/2024/01/Screenshot_20240126_180100_WhatsApp.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.flipar.com.br/wp-content/s/2023/07/port-gbff78e97e_1280-e1689258003474.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/(Line 1953)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/(Line 1953)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Failed to decode downloaded font: https://em-br.diariodetocantins.com/static/fonts/roboto-regular.woff2
other warning URL: https://em-br.diariodetocantins.com/
Message:
OTS parsing error: invalid sfntVersion: -1991225785
other warning URL: https://em-br.diariodetocantins.com/
Message:
Failed to decode downloaded font: https://em-br.diariodetocantins.com/static/fonts/roboto-regular.woff2
other warning URL: https://em-br.diariodetocantins.com/
Message:
OTS parsing error: invalid sfntVersion: -1991225785
other warning URL: https://em-br.diariodetocantins.com/
Message:
Failed to decode downloaded font: https://em-br.diariodetocantins.com/static/fonts/roboto-regular.woff2
other warning URL: https://em-br.diariodetocantins.com/
Message:
OTS parsing error: invalid sfntVersion: -1991225785
other warning URL: https://em-br.diariodetocantins.com/
Message:
Failed to decode downloaded font: https://em-br.diariodetocantins.com/static/fonts/roboto-regular.woff2
other warning URL: https://em-br.diariodetocantins.com/
Message:
OTS parsing error: invalid sfntVersion: -1991225785
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.flipar.com.br/wp-content/s/2024/01/pots-716579_1280.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://iframe.fresh8.co/
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://iframe.fresh8.co/
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Failed to decode downloaded font: https://em-br.diariodetocantins.com/static/fonts/roboto-regular.woff2
other warning URL: https://em-br.diariodetocantins.com/
Message:
OTS parsing error: invalid sfntVersion: -1991225785
other warning URL: https://em-br.diariodetocantins.com/
Message:
Failed to decode downloaded font: https://em-br.diariodetocantins.com/static/fonts/roboto-regular.woff2
other warning URL: https://em-br.diariodetocantins.com/
Message:
OTS parsing error: invalid sfntVersion: -1991225785
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Failed to decode downloaded font: https://em-br.diariodetocantins.com/static/fonts/merriweather.woff2
other warning URL: https://em-br.diariodetocantins.com/
Message:
OTS parsing error: invalid sfntVersion: -1991225785
other warning URL: https://em-br.diariodetocantins.com/
Message:
Failed to decode downloaded font: https://em-br.diariodetocantins.com/static/fonts/merriweather.woff2
other warning URL: https://em-br.diariodetocantins.com/
Message:
OTS parsing error: invalid sfntVersion: -1991225785
other warning URL: https://em-br.diariodetocantins.com/
Message:
Failed to decode downloaded font: https://em-br.diariodetocantins.com/static/fonts/merriweather.woff2
other warning URL: https://em-br.diariodetocantins.com/
Message:
OTS parsing error: invalid sfntVersion: -1991225785
other warning URL: https://em-br.diariodetocantins.com/
Message:
Failed to decode downloaded font: https://em-br.diariodetocantins.com/static/fonts/merriweather.woff2
other warning URL: https://em-br.diariodetocantins.com/
Message:
OTS parsing error: invalid sfntVersion: -1991225785
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error
Message:
Refused to frame 'https://www.betsson.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' *.betssongroupaffiliates.com *.ptstaging.eu *.onegameslink.com".
security error
Message:
Refused to frame 'https://www.betsson.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' *.betssongroupaffiliates.com *.ptstaging.eu *.onegameslink.com".
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://iframe.fresh8.co/632c265f6b5bf1001c945d27/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssasVMZVZgSf29Ph9QwBuVut1ARsGzva32UvNIAhGlSmQJWe7n_oIxLZDxU8zsTtc4v_VfC34GOjamm1QcLVW5o-jMwXaLfPVglBKey9cyhT9BbSWesiCgciz-2PQyicseMt7raXXwADAeOLyPYmSBu45x6Sbipwkf0An-yvMbv9fmnC-JMwvNeJYpWmPwK4me3WVc1ePf-p2GxwgmTt09ags9MmEHNdF2tVUFK1-QQ19KCh_hOk9zJV9eR87Lc8ioaJ4xaweLlMfZh06YxVSiTYzhcll9P-CRTqt-xEBO_8Ajk_3-sG7rLYQh36oXDaq9Lgs4hxct8r1jP2VGrl-PGiMKmSnN9MHjx9c9irCeyYGn_Dr-FP3nHANzOAOzRca1dMVJFRA%2526sai%253DAMfl-YSxn5Y875ZzeI214qzUJpvFDMRGgx59vrjnQxVpGu4JiRN4aLrgwv0viGoD_-azbNryvBLd5sm25mlRd7BopbFdnjuxHuBxl5D6s0Epw1wWuQertiYYBYVrkLAUWQ%2526sig%253DCg0ArKJSzK3a00EUBnoPEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=1870724439&
Message:
The resource https://iframe.fresh8.co/ was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://iframe.fresh8.co/632c26106b5bf1001c945ada/adtag?ref=https%3A%2F%2F40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&clickUrl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuwfUV-ee15NE2Qc316CDg3cD55fBRZRGVQ5NrVWLIhon6Yt3-g8KhbEkP-pq-0qE4g4ZkDZWUfZQvgkaZLieEiF0su30sFtuqut_Zswv-ahpW1qSXAu_gG-dxTCtN3O7F3Hb2HFkbYKmdzUkIGYT0rLAtppDIl_H1H2OuO0zKWJAah2dO16YxfboFzft_4bHw9yRNr4Iiw0zhOc5pgJQ-IHeBpzWbGLyf1HDvxX10PQPJ94f89EKsQDyH3heeFJM4UoY675eCpZs8BH11jDekUY7HuX5hTRmcxfnVdyJI3vRYpfF65G5F8u09Y8O2U1F5bGZo6gYMkirDjWWNOjMUjHgQ0jfbba-szZaUucMIe_qAmlGDjLWzY9UIIfAFgKOJs20l5zw%2526sai%253DAMfl-YTVmpDt39v1AFHqY3emoyAobzvXJsImWrhAEg8gn01U9s4cVj7yGCCXUD6PdtJJf5wqShTghJq6MmxWmgaRi3pkfTg0uWY7ULMIZn4BJu0o29sUDv9QUQyKvHMHiw%2526sig%253DCg0ArKJSzLsejBIxemFaEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&ord=2105070999&
Message:
The resource https://iframe.fresh8.co/ was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://t.adx.opera.com/pub/sync?pubid=pub10101531197440&gdpr=1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 424 ()
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2015B728CE-C9ED-446D-A3E3-69DAF01C123B&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://em-br.diariodetocantins.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0556858879aa602f1fab37ad8058c9c9.safeframe.googlesyndication.com
40de1f93b7c5ce4af9a158f71545f27a.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ads.stickyadstv.com
analytics.google.com
ap.lijit.com
appleid.cdn-apple.com
b.t.tailtarget.com
barra.uai.com.br
bh.contextweb.com
c.amazon-adsystem.com
cdn.fresh8.co
cdn.navdmp.com
ce.lijit.com
clickstream.fresh8.co
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cnt.trvdp.com
code.jquery.com
config.aps.amazon-adsystem.com
connect.facebook.net
console-user-assets-cdn.fresh8.co
cpm.denakop.com
cs.admanmedia.com
css.em.com.br
csync.smilewanted.com
d.tailtarget.com
demiseskill.com
eb2.3lift.com
em-br.diariodetocantins.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
geo.privacymanager.io
go.trvdp.com
gum.criteo.com
ib.adnxs.com
ice.360yield.com
iframe-assets.fresh8.co
iframe.fresh8.co
image.staticox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imgs.em.com.br
imgs2.uai.com.br
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
midias.em.com.br
mug.criteo.com
onetag-sys.com
origunix.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
prg.smartadserver.com
pupspu.com
px.ads.linkedin.com
record.betsson.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.google.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
static.smilewanted.com
stats.g.doubleclick.net
stg.truvidplayer.com
survey.g.doubleclick.net
sync.ipredictive.com
sync.mathtag.com
sync.navdmp.com
sync.smartadserver.com
sync.technoratimedia.com
sync2.navdmp.com
t.adx.opera.com
t.tailtarget.com
tag.navdmp.com
tags.denakop.com
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tt-10258-0.seg.t.tailtarget.com
tt-11382-4.seg.t.tailtarget.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us.shb-sync.com
us01.z.antigena.com
usr.navdmp.com
vmuid.com
www.betsson.com
www.flipar.com.br
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
s.google.com
104.102.130.13
104.18.189.136
104.36.113.107
104.36.113.110
104.36.113.111
13.225.195.82
142.234.204.80
142.250.31.156
147.28.129.140
151.101.193.108
174.137.133.32
179.191.175.66
179.191.175.69
179.191.177.67
18.160.10.101
18.160.51.31
18.233.188.186
18.67.62.209
185.184.10.30
192.243.59.12
198.148.27.131
2001:4860:4802:36::181
207.65.37.181
209.54.182.161
213.19.162.90
216.200.232.253
23.105.12.113
23.105.12.150
23.220.118.26
23.39.33.14
23.83.76.84
2600:1408:9000::172d:b4c9
2600:1408:9000::17c9:1fd0
2600:1408:9000::17c9:1fda
2600:1408:9000::17c9:1fe3
2600:1f18:4e9:5a05:d643:b640:6740:33e1
2600:9000:215f:e800:1b:5138:8a40:93a1
2602:803:c002:200::32
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:10::6816:1ed1
2606:4700:3034::6815:55aa
2606:4700:3034::6815:acc
2606:4700:3034::ac43:c891
2606:4700::6810:ef3
2606:4700::6812:170e
2606:ae80:1451:22::730
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c07::84
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c0b::8d
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::66
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1d::67
2620:100:a001::c
2620:1ec:21::14
2a02:6b8::1:119
2a03:2880:f003:c0e:face:b00c:0:3
2a04:4e42:400::649
3.161.213.111
3.161.213.18
3.161.213.97
3.208.192.93
3.233.74.236
3.33.220.150
34.102.185.99
34.111.113.62
34.117.196.1
34.150.170.96
34.200.65.202
35.201.123.184
35.207.24.140
35.211.178.172
35.244.159.8
35.71.139.29
37.157.6.232
40.76.134.238
51.222.39.186
52.95.122.74
54.152.50.241
54.166.87.8
54.192.51.40
54.192.51.48
54.192.51.80
54.236.181.83
63.251.28.233
68.67.161.182
69.173.151.100
74.119.119.139
74.121.140.211
8.2.110.33
8.28.7.83
80.77.87.162
82.145.213.8
03089497f2493071b7d29a09a82e118f75f33abb560c00b42253a17b3d52cb9c
03418a024d92468bfa2e9ec42bf2ff86bb1434da9b65f8acba15b3d159c6ac27
04eeb0b5222c635717d1469f02018af2f30e5e0df81cbe6a3d977234f0df9c9c
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
05a4a88f417264926d8c52323a80416fed1bd8162185a490021b10a5318b4971
05d1311a307c6eaa11b905afae5e539597f90de661a61df7ef87d0cb2a6f94c0
067e01afab9a4b64f824fcd862adf4e8fb47d9a9bdc17e7b23d00335a0388842
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070c65f53fe0f4614ba1508177431e8707bf9f4d0a4ede85c27a03d230a9b2ce
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08d0789053003490946f5482537be59e1979e5e24ca52c525dedf387526295bc
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ee16d4f8cebd58a71d0477af74f3141737950674a467e0bc5d8bdd8f857220c
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
1048535d9c170ccc4db87a47e58891f73fba5199dbf27c2a70ca9541cb414d69
119e7ba2e439d798a843bf6d04bd01a12571bc3650733f2a87b505578172bd3a
12d68f611c8abbe09a5419771e510002d1849a719baef072aed77623bd4d0713
131a82cec43bcc1f2dad42cd1dc302635aa60607cafa4d841f1140f2ce6cec60
138f770fc29d3792e7b5cecfe424b5e2da5d8984cc7e38072955a1dbdf826214
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18edc431b770bfb55900ff2f3b9d27ef553ef57d793545725a82d87ce8118021
19ba37dd296e46c0885405117edc40629931d1077b914e131d5b6ff46a7c372a
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
1aa3d5185bc662b61963947aa982da80ed6532df90da1c05a18320564ead297f
1f9455831cfb110ca7efef69049605177d56cf15dbe8a709cef889f4f33f5cb8
1fb11d98e1bdff89b5556445e957f666a0f587cf7d7a4594a59ae6abbe23784c
1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8
2012a5587b61404cc0997cb1c495da6e8fa58e5411ab5d12893908b8a1bb0ee0
2296cbbb75a76af577a51f0ef96b846baae1dd6fdd8ef58fea5e64c373f94a68
2341cfb617152febffbedb3644f533ef57b120b960abcc48fa1b7f21741d187e
23edb8428b55d7a1d2370cb7b173da8a9ccca4827ee3c66d46c35c64a6692745
254ec55745b8adc7fce5964af7c33e25f719e33f172c1dc8d01455a670a9d8ab
2588fd4572f8538aa86dc073a6cc587452c4a658dcbf38dde6511eada4ebfec8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25d7c7de1c8c832e2e42e2881c3bd34f9129e19171e78d96e82d3fac79b6eac3
2882a46915c964d7d21b92d5ccc6125edb2dc4f6c2d0a976b10ef09eeee08162
2900410dad661f2e9decfa8337f372ec315f7ecb387245f8cffa65b6b7f1201d
29d922afebc58f614e40c027c3168f1d351777fe47ad65e1f0bab957856facd7
2eedc54012ca45285834679c6d356d19a899566b6287b307531b434126666ae5
2f947700bce47f2f15db7abcb3b52d8a69062f8ea4c3d52207f0cd6423b539ab
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33baec5e3f5f93f3bdfd4e18403f591ae47a4f8ed91ac454552a4358a495f9fa
33ea3ff30af93fca3f063ad30a95a2da37837b05eaa338cbe958d9644954840c
3c46bfd4e0d7acf4ad7fb8682de470bbf4e40c3b1a182cd10589092f277f686d
3cfa72225ea987be7a1191670437b63dd723b85497b6feef3fc3e1567a57a30a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e336b3aaad96c4282d4031e1b496e77a8255c232f9f7a6f05c7cb2ccdfa0b3d
3ea5e6d848497ec2f851caf2a20b3b548e24bbfb9eb365306a0db6c560b22bce
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f99d6e1a5a562436be4258e45efb14e82767e532149f83855ff8d826e03af49
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
420def68a35653f8009b07b594b9c88d6d6474108e9b1b961df299096e98a621
42e97cc2c131430efbb534733d333afdfa9d42d4afbf104b390fc33582674b98
43c835d7df4c60af487a9f9b24d594706af62c23c970c0c1cd10e0bfab2b763f
43ff112059cd884805cd316dd3a01a3142d6d286d911a19b5c8cb8914c956ab5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48910988cade04c93ad450a8d7b830cffe8c198449d5496508d499e9040a0274
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4971658c3ec37475adb14c8869cfe6e257634c74a2c67a8a7cbba924a4f297f6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b94990828f4bdd2a14933ca73b6a8a49fb2eface5f736e4e424c8e492057631
4cf753c1ce23c690959ba1b59e6527be184cd38e332499514daea51b4292d0d1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
500f563b3617cf1a0de1f6974002e6d18f8fc25da6ed5ddb73ca13e813be54f3
50f3109ece70eab3f8066fa0f2cb707f0e26e5cc3d2915ea35e8e9cdcb622eab
51322cd3f890e0f823a337d1db4e41f482a526d41fc5313174ba558de9a0da61
535aead0a5a7bd6c9f5e4291a5f556b34aa32d6b9479b501b2beb23dcad3fb68
53be0578f87f1f73d305110acb20730521d0056775c76d688a5008c7781c7180
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566e6efca39ed9b838fb570de85c843ae0eb940b872796ed011ffba4642593e2
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5bac1c6ad3a42d03211c7421edfd954aa50f3839c1b8b6ed164ac4004283a0e0
5c16a3225c4e84423e3301ada2387d06b0cf02b5e4c1db4866d1290f851eef14
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d0afe0e845c29c1b4e93c7af516e320351631ab0c69f611f2ddf1ae9525c6ea
5f5fc2c8972558cfc1089d10cdf619e85e5ba2ea35665984323c85e36857d4f1
5f947b33f53dd68e8f3ba015337b10872be23061178f0d95f609bc91abd1f564
5fa9a7ad6fa3d4cedfbf892195bd992b288937240a17d73bbc09d727d1090c6c
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a5fa8eb86fb06c5e0bc6d89097b5343dcbeecf1b8f7e0315a4fc9294840083
640fc7e6356cfd1fd66dde380e3c80fafa8ed8d0ced811d7b7395f058cafb2b2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3
681d7dd90c93e525be682ce50bc813c63531dbda63e27a92509e2ae64c2f10fc
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
6a168c5162134320b24bd4d33dcc17aca8607090021f791cffc523d6463e19fe
6b9fba8637bed100516f5021601598181117640b4a5307eba93c3d325364d55a
6d34d6527cf2592c5c68c466b05f88cedb816e5388bbd94f91cc1b363e88a486
6dda6f756be8f7be7e4e4d75c1448a6927e30f9585d0e1d9d3637febf950d235
6e1450b21a6f1b2807726ebbeadbaf68bafbbf406c15209e5d903f17c9a262b7
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc
71d886787a2dc09f325d2a8c1f6a506322609263b328aa338f12e8748cf996c7
729ef5dba5dd3dfa5fb679668748d75561ac5f610d818a6ba8f057e8040112b7
72fdf730872df4a59d7a755549f6d4c66dcb1d375858a2c835ede1c4da01fcc2
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
759bed2ca060eaca61886f857fcc79759e16d47c6668a97114b2cc18876ba3e3
774716d58136f14f775c5a9c00f7e00a5e20ee441638ef36596b9caefa1754d0
776f580b85ba762bfcf46ebe934d867dda8d62d39e8773d93ec1f2414501e472
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
7b527d957565c3d6e7cbc08b04b0a7ec9ade14534b75476e982a98c6eba28546
7e7960ac4c0efd6920c3919d9ad82adbdb1eb5ad214390edc71e83df63f8bf79
8048e9cabfad8c3f2060fd2c9330f4c6f373bf90c63bb34a3411b68c7848352a
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
8441b02a956c23188d79f0ccad1e602409ae922b271785ecc68c0d212448f250
847868b2c2cf1a6ffca0353dcb6f7c4816382455a64dd89d0a7d0274ce299970
850ebd879191ffb670b62c8958cee219f20208fc450dc3a894eab859ffc38d58
865a98de24f9a4673da8a06aeda7253013b3b9ba34d64ef3719ee38497b47606
879791a25b942ec6922c47fa4d667799bdca71b931523320357d969f20117249
87aea15a85916f617ff5293dff7b46b1da669a28c1c0e69b9f36fd1a6cb7aceb
895a0f2379ad5bacea2c38beb6f402996d6a2ee026fefe9ab234a9e764a88f98
8a254d180052a0ca7b164e804f15763a0d7d079a02e3e34fd4697bcafe4d65b5
8b93d2435c7e3999741d92869e943c94dd6cf7ac7d5b72fee0c39abaf7c314d0
8ef4288e83cbe9fe117306c30e5482466e8cd7f9d8f7838ee95c65a6a28cb33b
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57
9072239b730674fb2c829fba2c4db02e76f0e1ed1d18659a7800de104ebdb133
926cfdbcb7e64be5b911524c61c376f4d33faa2535486a2cebadb34153ed7529
9540f77233c2819384755153b3c8c99dc5df9fa1025576c7f2a5673f645eb262
95d9e987f13cab8761ab808e0535802234afee17ae943deab91994e67ab6c3ca
95fb5b99552ff356c40de7ea9860cbd971e5863db367de64c3e3d767785abfa1
966cc9687d9abc069ee02eb26a541d09ecb7cbb96d7992277f9ff3780050dbac
96b429351bef3c8cc82b74e73fd559fa4dde0330788e13ec378308c29d5417f9
9720afb6acf0f61d5e5f8a324763584fbd83d8804047470e9b7b3581c29d6db3
9d775e2a88b250e5c40b804a7a9211b9b14e48d2147a1339e0ae58c5ee1e5f00
9d933a41dcfce4d3b09116d22b65a170807bb5009508f537942b841e6b1c26e6
9eecadc86d32845f447cf5062cf12a3aa95d0f14d7197223a0b306a45fc96470
a032adc0e3f07da4b0b77f9fbf6e11b934f8e570c0422a656a9f98a5ac78568d
a0516d91dead3fa38bef64683d087460753209e723db56ce3ee1fcb1dbd84162
a074dabf4f78aa9947cfb599cacba3569a762db57f71bb9494772f91883da8c4
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a34691d36c7c01976177985b3fecb5388a77e192d09b36ffed8bc1b1e30c1c88
a5fea867b2d42cb65fe0ae61bbd65d7a8e9bfc3bd89433fa523c564e5c7fb15e
a715287170bb847333ee762ecba71f896804274033cb121ccc766b66e9d7163d
a7ca052d7f15c1bc39ceff27d257c2ceb201a2049ea1b82596a1be0e09a62c79
aa2fc370492adb23ac0c6b60b2283ef99aa27ff0a79c9452bb2a967b6d3f8950
abd5b04b87749553ad040760f546215716530f853754ee74cea0c6908dd85b48
ae32bc027827e9e655fc96772fa09bd7e184af22e9f2ef5cde2e5228da239191
af223bf3fdb102b3aceed245c35e888934b30283745fbbfd81ccba5fe72a1b10
afa99456af3878dac4faef2e726a15d599e566e51028d722f1645bda0368465a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
b2290d3ab562554a5cea7eef43ede6aea8a5186662ec67be34c1bc04ec7cf04b
b338a91ba1d2ab7c3a7a0dd659426f5ffa4cd699be38e2bed5075c4d3e773a48
b4d504a62ddcb6b8cb45f9e97f633785f802c42b99923d61a344ca2097cf538c
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b5e1caf366ac7384626ff09d991e1fdfee19c9a2a37f49645874a31572efb455
b642056cf0cf51774defbb6aa1893b05b95b4471e279c82e62b79c1eba35ad5f
b6c7cd871f51cbad33d73513bca0c4dbf96bf1da60050825299d963873a9edd7
b6d714adfd401407217f9f9140b1fe87e33f2acfe3484488444f94de00b8e6bc
b6ea6699216ca5e92633a48b580c1d3d0e91b808dd4b6c84b5425ff50f3f1cf3
b72ae57956280a1bd4c6eac8f6ef4df8c51f9ed4652e0ba63f7fef04640118e9
b7d7f8bed2ed287a7e3ddb5074d17e2197ca5b85dcd302056f7c9196eebddb49
b85acdd5179c9c5ac05966d659e2a63df50701783ac002e9bc4b87d00e14f6ff
b89c5c01abe999cc6fce25e3101f86a0a637b5fd8edb7f350b66e3446d1f642d
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc0a19af52226a93e42bc25c8896146174763c549ed22e6708b8db85db5641d
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56
c183d591522f9e4c05c59ec790f2fdb4e7a0d628951f22cfbd3f2bda6fc7a56a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24e2a548afb65e3d77e4107e9a0b8718125110d6f1990ee260e16d91388a500
c25072ff8d6ffbc3642e582046db7019008394ad48329b2fad35dfd8e26fab17
c3cd836c0a5a4f5fe64e33ae7ff37b8d21880af5d455fdf99909bbcfec370a79
c3ecf31e703f59a268f18b82ef3d290ae24f91bda18a770a42798ad1ea0fa0a5
c542b975886e5e96401f2a417db5f9bcfc116dc9daaf388db8500dd1765ae7f9
c5fe4b16f14fbab784667a876b5b687b1278e692b64a5e5b04e2da18bbd3de52
c6481ebd6e6e43917bd1ab01dff100fc0dd19034b19f9176c8b495e5407645c5
c7580c52e57f94ff723f1e01e171399ce0dc6df55d88499ce9971e5f277d6571
c78a890f8af17762c061219c48d8838e61aca591473fc490db82e7a01e57c23a
c861dd92be984fe498ece34c0f3c921861ac51bfee50323fcae21231abf7a82b
c87a08f17156f9e78bab36efa1ea991c3161a34402b5455c604af86cbae0dd23
c8faeaf8ed3dcd4436225abc6eb6fceda7c167d6617ac0013efa82a58dbaa118
c9dbece176d8a8aea91db5b54948f34477b5d768e6ff8bdfd65e756b2ff23752
ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5
cb8a12e52ad529bf64ab60ced16265946143230bc7c6df8c779f6deaf003a282
ccbc71e935a116b31b99217b0f9b550a84978374e077e6c0624790499097efb8
cdd9890515bcef96860827859c1923c93664b1329cace8e4800f066b5ea3e710
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0df0150b3a2c0a2e388ec9e067c75abebb80f6610d674b04772ec86825944a7
d135e9f8f1e680e49f5030e8f1f11ebec764590bc52d876ad5b6497bd767af52
d1c164f10819733bde7e54d5aa996a8f0a1b71ad4d35a9756f72970b93bb0b28
d304c5971b38b068407f491113b20e36ede88723108a15cab357fab5f135113c
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
d6136706e4e971c3c94e30576a0618a2e0d81130b748157ccd12af7bb9c7115c
d94ac6db7d8114f92214af95dc31d3a1e5157a465a245fa39429965adafcf091
d9f2d54aa580b8242e573f2e770ef6e00acd94dbd54940719caeda6766239bc4
da67035c47f6707d4b7f47f93685d28a61c95c9b70e7d108f219dbb5c78c7462
dc81170d83cd6e76d5f0be3a3a9ae75fa91d97ba40e4c88de97af90e7f49afca
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5b43f8ca77c8f8c2a3a46532f1dfa50dd3c1bc627f6ec5dbc92a081f62256b
df9592b48b705333bf1569635691c5cac45c37b62b12e6d0ac21f85d4bb5254b
e05f3e7de53284e3ddcd2762922492c8a8c67387ca6cddec1feb57412796cb3e
e2d2782189dd696def76fe3f1b7d3b933dc132def4c4165357cfd90cbe6de239
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e9551a0ce5320c1fa51bd30819ab1e9a111fd5d490729c746bce6821a2ccdb01
ea27726e855e1e7eea8c1ea3b4602215a3f7429ef2afbb052dd373e8212c4526
ea7bba8251eacaded6c5e37106eb6f92ccf44d0ae9116da999ecd2c90eef33bc
eabde966a5c312aedbdf70b25906c72414488c8902e3b49fc643f61b4a1c9cca
eb2e78e82066485dd62ad9e5f2f88b9d9877c6ed1a1fddfd724be899569ee31f
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec6557aca9fa6a0659caa489d6d841f7ca94d1d04e15e23b8b3c457168fe5048
ec78cc246d8596168c3b7aa105e237d33f7abceee650f236cc186319e371a0d8
ee1a1346f6df990e3aaec30b52c36e8cd65e2111f6b0b8b08a662fcd8be0cd78
ee4ed444fe54c21992cc4487922aa78b228172c1d12e194504ea5e2e22da9054
eec75800b899771a514fd93bc6e6cbd7e7e0063fcd1b711f75329360371a9527
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13c66ea114b1f92a402401180138291bd146bbee51ec5e84b9515ca9f833ae9
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4f0e81d0fe72a98ab1e21520b04bcf2c9b6550eb25be2edf52bfb281d9a1d6f
f58b3aca547b0663055ba02d2a2ad5cfc89bff8de6eb7a87230f83a40a66a3da
f8db85f6798bccdc6e8b471758334d5182d17f54bf8788f51d93abafc14e289b
f8fd7afac6b9fc70c4920ce18f179f6c34b73f7ee8c995e50cb1159599f6c461
fae95fc957c1950e1e0e498f631e05fec5ded2799231088f7f477c0417a79c3c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffd0c0d08001cc5e5a7b09fb64d2d32afd861682d211a7276aadaf93afefcd4d
ffd3c34e7ab302d9208e4a68c695b05d013cbb943af914b5cf82995e0341fff7